On Tue, 10 Apr 2007 09:05:22 EDT, "Richard M. Smith" said: > These 3 Word bugs are interesting, but I suspect they are not exploitable in > an Outlook email message because an email message is HTML text and not a > Word .DOC file. To find security problems in Word that can be exploited > from an Outlook email message instead requires fuzzing HTML.
Not True. There's been *plenty* of evidence that "open attached file for details" is a highly successful way of deploying malware. If they'll go to the effort of saving an encrypted .zip file, then opening it with the provided password, they'll open a .doc file.
pgpAdwQ5eC9Jd.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
