Microsoft warns of thieving Word docs
The software giant says it is studying a security hole that could allow a Word document to steal files from any Windows PC on which it's opened.
A would-be thief would have to take extraordinary care in setting up the scenario, however, including knowing the exact location and name of the desired file as well as persuading the victim to open, modify, save and then return the Word document to the sender.
The scheme works best under Word 97, but Word 2000 and 2002 could also be conscripted into service if the attacker can persuade a victim to print the document first, a Microsoft spokesperson said.
"The Microsoft Security Response Center is thoroughly investigating this issue, just as we do every report we receive of security vulnerabilities affecting Microsoft products," the spokesman wrote in an e-mail statement. "When the investigation is completed, we will take the action that best serves Microsoft's customers."
Details of the flaw were first published on Aug. 26 to the popular Bugtraq security list, a service hosted by SecurityFocus, a subsidiary of Symantec.
The attack uses the INCLUDETEXT field, one of the many hidden fields embedded in Word documents, to copy text into a document opened on another computer. The file can be hidden by using a small white font to make the appended text nearly invisible.
Woody Leonhard, editor of Woody's Office Watch and an author of several books for Windows users, highlighted the problem in his e-mail newsletter.
Microsoft could give no schedule for when a patch may be released. The only way to prevent a file from being stolen is to manually check the fields, accessible in the document's properties.