 |
 |
 |
 |
This serious issue allows an automatic macro to execute in a word template, without your prior permission. The scenario goes like this: you see a Word document on a page on the internet, and you click it. It opens in the browser (or in Word, if you are using Netscape), and the macro runs. You don't get the normal warning dialog that you do for documents. Hence, the macro can be run, without your intervention. Keep in mind this macro can contain any code the author wants.
Do not underestimate the risk that this poses: any code can be run from the word document without your knowledge. This code could be a virus injector, or similar harmful code. It could encrypt your files, format your hard disk, or any other possible side effect.
This problem does not occur with document files: Word asks permission beforehand, when opening the document. However, with Template files, it does not. A severe problem is that you can't tell the difference between file types by looking at their file name or extension - the difference is in the file format.
Microsoft now have a patch available. You can download this patch from Microsoft's Office Update site. It is well worth installing, simple for piece of mind.
|
|
|
|
Information is provided without warranty of any kind. Use at your own risk.
This site includes links to servers not under the control of GeoCities or of the Author. Use at own risk.
©1999