Security flaw in Microsoft Office for Mac By Robert Lemos Staff Writer, CNET News.com April 16, 2002, 5:15 PM PT http://news.com.com/2100-1001-884364.html
Microsoft acknowledged on Tuesday that its popular Office applications for=
the Macintosh have a critical security flaw that leaves users' systems=
open to attack by worms and online vandals. The software slip-up happens because the Microsoft applications incorrectly=
handle the input to a certain HTML (Hypertext Markup Language) feature. By=
formatting a link in a particular manner, an attacker can cause a program=
to crash a Macintosh or run arbitrary commands. The link could appear on a=
Web page or in an HTML-enabled e-mail.
Known as a buffer overflow, such a problem is relatively easy to take=
advantage of, said Matt Conover, a member of w00w00, one of two security=
groups that is credited with bringing the problem to Microsoft's=
attention.
<snippety snip>