This is an OLE structured storage problem, not a Microsoft application problem (although very few non-Microsoft apps use OLE structured storage). It was fixed on Windows95 a long time ago by an OLE patch (see MS KB article Q139432). Microsoft need a kick in the pants for leaving such an old bug in their latest release of MAC OLE though. I guess the MAC OLE source is probably based on an ancient version of the PC OLE code. CJ van den Berg Computer Information Systems Department CfaN cjvat_private > -----Original Message----- > From: Mike [mailto:mikeat_private] > Subject: Microsoft Insecurity... > > Well! After an overwhelming response from everyone, just a > summery of the > conclusions: > > 1. This is a Microsoft Application problem, from Word, > excel, etc from way > back as far as Word 2.0 > > 2. This has been reported before to Microsoft, without any kind of > response or patch, etc > > 3. The problem is that the Microsoft Applications take RAM or Buffer > blocks to fill out application files - reading plaintext, etc, > indiscriminately. > > 4. Suggestions to turn off the 'Fast Save' option help, but > do not by any > means eliminate the problem. > > 5. There is no other Fix - other than not attaching an application > document to send to anyone who could possibly use it maliciously. > > 6. I think I have heard the opinions from everyone EXCEPT any sort of > Microsoft rep, surprised? > > 7. It would be a simple fix of encrypting the 'fill' > information with a > simple MD5 encryption or something similar, just to eliminate > any plaintext. > > Thanks to everyone for their suggestions and information.... > > Cheers > > Mike
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:59:12 PDT