On Jan 5, 2008 11:48 PM, MB Software Solutions <[EMAIL PROTECTED]> wrote:
> Sounds like a good follow-up to TR's post earlier about Office formats > being broken by the upgrade. That's good news to pass on to clients: access isn't broken, only disabled. So, now MS has provided the Registry keys bad guys need to tweak to open older formats. It would have been better if they wrote "safe" routines to open the files, but the bottom line is that would have been hard, and expensive and is a low-demand item. Easy to understand. So, once a client adds a Registry key to read some Word '94 document, can they turn it off again, to once again reduce their attack surface? I wonder what the situation is with OpenOffice.org's techniques for opening the files. Are they liable for exploit? -- Ted Roche Ted Roche & Associates, LLC http://www.tedroche.com _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
