Exclusive Deal While supplies last, save 40% off over 40 iPhone 5 and iPhone 4/4S cases and chargers as well as Samsung S III cases at Kensington.com. Use coupon code 'SAVE40%' at checkout to receive this exclusive discount.      
toggle

AAPL Stock: 443.72 ( + 1.58 )

http://www.macnn.com/articles/02/02/06/ms.posts/

MS posts security bulletin on Office v. X

updated 11:00 pm EST, Wed February 6, 2002

 
", 0, 0);


Microsoft has posted an security bulletin for Office v.X, which discusses a vulnerability in its network-aware anti-piracy mechanism that could allow hackers to shutdown running Office v.X applications connected to a network: "This is a denial of service vulnerability. A malicious user could use it to cause a running Office X application to fail, forcing the user to restart the application. Any unsaved data when the application crashed would be lost. "


by MacNN Staff

Post tools:

TAGS :

 software, business software

Related Articles

Recent Articles

toggle

Comments

  1. kevinvv

    Joined:

    0
    02/06, 11:33pm | report spam | Reply | delete

    Typical Microsoft.

    Typical.

  1. Joined:

    0
    02/07, 12:00am | report spam | Reply | delete

    i'll take ipfw to block.

    you can always just block udp and tcp traffic on the ports that this "feature" queries. the ports are somewhere around 2000 and 3000 i think.

    the security bulletin isn't found so far as i can tell so i can't tell what microsoft's fix is, but this should work.

  1. \0

    Joined:

    0
    02/07, 12:41am | report spam | Reply | delete

    Working URL

    www.microsoft.com/TechNet/security/bulletin/ms02-002.asp

    It still doesn't say much...

  1. jtrascap

    Fresh-Faced Recruit

    Joined: Jan 2001

    0
    02/07, 04:38am | report spam | Reply |

    IPFW, IMHO

    Sniff...

    Office seems to broadcast on UDP at port 2222, so:

    sudo ipfw add deny udp from any to any 2222

    and I'd suggest using something like Brickhouse to configure your firewall, otherwise you'll have to do it each time you login. Brickhouse is a great tool for maintaining a solid firewall (as is the Little Dutch Moose!)

    But actually there is an easier way: just use Office 98. It's faster anyway, an works better under X.

  1. Schamschula

    Fresh-Faced Recruit

    Joined: Nov 2006

    0
    02/07, 07:10am | report spam | Reply |

    I told you so...

    When word of this feature first became public, there was a big discussion with people complaining of not being able to run the same copy on multiple machines. Doing this has not gotten any more legal...

    At that time I raised the concern that any additional open port will lead to a security vulnerability. Well, here you have it...

    As far as Office 98 being better than Office v. X...
    ...is running Classic better than runing Aqua? (Think Stable[TM])

    Time to write a little startup script for ipfw. Maybe I'll tweek Portsentry as well.

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

MaxUpgrades MaxConnect for 2006-2008 Mac Pro

Nobody outside of Cupertino's privileged bunch knows the future of the Mac Pro line for sure. Despite Apple's reluctance to tell us wh ...

Brother HL-3170CDW LED Printer

We've mentioned before that we are far from a paperless society. For now, at least, there are tasks that require a piece of paper for ...

HTC One

It is hard to overstate just how critically important the HTC One is to the Taiwanese company’s fortunes. Despite its alarming decline ...

toggle

Most Commented

 

Popular News