toggle

AAPL Stock: 439.66 ( 0 )

http://www.macnn.com/articles/08/01/25/office.2008.security.hole/

Office 2008: permission, uninstall issues

updated 02:00 pm EST, Fri January 25, 2008

 

Office 2008 security hole


Microsoft Office 2008 for Mac allegedly ships with improper permissions handling, installing files under user 502, which is a common user ID, rather than the 501 administrator account. According to blogger Brunerd, this issue makes it easier for large-scale deployments to occur, but can be a huge hassle for IT specialists, and a security risk for users. In large office environment, an IT team usually handles software installs and modifications of software, so by placing control over file integrity in the hands of a standard user account, the software could easily be removed or broken by an ignorant user.

The problem files primarily sit within the main Library folder, although the suite’s application folder itself is also flawed. This could potentially leave a hole wide open for malicious users to exploit.

Brunerd cautions users that wish to manually edit Office’s permissions, saying that the suite’s receipt files must be eliminated. Otherwise, utilities like Apple’s Disk Utility or Alsoft’s DiskWarrior will return the values to their former state when performing a permissions repair.


by MacNN Staff

Post tools:

TAGS :

 security, software, Microsoft, Office 2008
toggle

Comments

  1. Flying Meat

    Junior Member

    Joined: Jan 2007

    0

    Brunerd cautions...

    "Brunerd cautions users that wish to manually edit Office’s permissions, saying that the suite’s receipt files must be eliminated. Otherwise, utilities like Apple’s Disk Utility...will return the values to their former state when performing a permissions repair."

    Apple's Disk Utility does not repair permissions for third party software receipts.

    The blogger Brunerd acknowledged that correction at their blog thingy linked above, but this MacNN article still reinforces the incorrect information.

    Just so's ya knows. :)

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented