Microsoft Word Protection Bypass

Microsoft Word provides an option to protect “forms” by password. This is used to ensure that unauthorized users cannot manipulate the contents of documents except within specially designed “form” areas. This feature is also often used to protect documents which do not even have form areas (quotations/offers etc.).

This form protection can easily be removed without any additional tools (apart from a hex-editor).

Please find the full advisory attached.

best regards,

/tdk



Thorsten Delbrouck

Chief Information Officer

Guardeonic Solutions AG

Rosenheimer Str. 116

D-81669 Munich


Exploit based on leaked Windows code released

By Patrick Gray, SecurityFocus

The first new security vulnerability to emerge from last week’s Microsoft source code leak crossed a security mailing list over the weekend, reigniting debate over the seriousness of the leak.

The vulnerability affects Internet Explorer 5 and various versions of Outlook Express. It was unearthed in code the two programs use to process bitmap image files, and affects the software on several versions of Windows, including 98, 2000 and XP. While some systems appear to be immune to the glitch, a proof-of-concept exploit that was posted to the Full Disclosure mailing list crashes Outlook Express 6 on Windows XP systems. Service Pack 1 appears to correct the vulnerability.

The exploit is a carefully-constructed bitmap file that “clobbers the stack” with data when opened in a vulnerable application, according to the author of the exploit, who calls himself “GTA.” By corrupting a targeted system’s memory in a controlled way, an attacker could likely use the flaw to execute arbitrary code on a vulnerable machine.

While some commentators expect last week’s source code leak to lead to the release of a plethora of exploits, others are more conservative. The original author of the Dragon Intrusion Detection System and CTO of Tenable Network Security, Ron Gula, is reserving his judgment.

“Yes, there are tons of new eyes looking at this Microsoft source code, but these people will do the same sort of analysis that has already been done,” he said. “People who have been finding new holes in XP and Windows 2000 have done so without knowledge of the source. But the bottom line is that we don’t know.”

Gula pointed out that historically the exposure of source code had not spelled catastrophe for vendors. “Cisco IOS has been ‘out there’ for a long time as well and we have not seen huge spikes in Cisco vulnerabilities,” he said.

Others, like U.S. Department of the Interior security systems specialist Robert Ferrell, point out the source code that hit peer-to-peer networks last Friday was fairly old, but concede some new vulnerabilities will most likely be uncovered. “I’d wager… that the majority of the vulnerabilities in this code have already been discovered and patched,” he said in an e-mail interview. “[That’s] not to say that there won’t be further exploits… I think that’s more or less a given.”

A security researcher with Miscname.com, who did not wish to be named, tested GTA’s exploit, and said the basic proof-of-concept file could easily be modified to execute arbitrary code on vulnerable systems. He said a particular concern is that the vulnerability appears to be eradicated by a Service Pack, instead of a stand-alone patch or “hotfix”. Because of the strict licensing controls on Windows XP, those using pirated copies of the operating system would not be able to download the service pack, he said, which could create problems for the wider online community.

Systems in countries where piracy is rampant could be left exposed if a specific patch is not released by Microsoft, he said. These vulnerable hosts could be compromised and loaded with denial of service “zombie” agents, keystroke loggers, or used as spam relays, a problem that would affect everyone, he said. “The last thing that we need out there is more zombies.”

Source:

http://www.securityfocus.com/


MS Windows Source Code Leak Could Spell Trouble for Microsoft

It was confirmed late last week that segments of the confidential source code underlying the popular Windows operating system have been leaked onto the Internet. The leak was relatively small, little more than one percent of the hundreds of millions of lines of instructions that make up the complex software. But Windows is the world’s most widely-used operating system, running on about 90 percent of all personal computers. The leak could threaten Windows’ reliability and its dominance of the market.

Federal law enforcement agents are investigating the details surrounding the Windows source code leak. But computer users are probably going to be less concerned about nabbing the culprit than about the potential damage the leak might cause to their favorite operating system. Although most of the leaked source code appears to be the basis for the older Windows NT 4.0 and Windows 2000 operating systems, Microsoft’s Windows XP and many of its other new software products are also based on some of that older source code. And while only about 600 megabytes, about one CD-ROM’s worth, of the Windows instructions were revealed in the leak, that still represents roughly 13 million lines of code.

Many computer security experts believe that 13 million lines would give virus writers plenty to work with to create new threats to Windows-based computers. Martin Roesch is the chief technology officer for Sourcefire, a firm that specializes in detecting intrusions to computer systems.

“There’s certainly a good chance that there’s going to be some software in there that people figure out is still in widespread use,” he said. “With as much code as we’re talking about here, there’s definitely a pretty good chance that there’s going to be some near-term attacks that result from this.”

In fact, within four days of the code leak, a new vulnerability was discovered in Internet Explorer 5, an older version of Microsoft’s popular web browsing software that comes bundled with Windows. The vulnerability won’t impact newer versions of the browser.

Some computer security experts have played down the significance of the code leak. After all, they point out, many of the viruses that attack Windows – and there have been many of them – were designed prior to the source code leak. And Bob Fleck, Director of Security Services at Secure Software, notes that many people outside Microsoft were already familiar with a good portion of the Windows source code.

“That’s because Microsoft already has an initiative called the Shared Source Initiative, where universities, partners and other governments have access to the source code for doing their security research,” said Bob Fleck. “A lot of people can already see this stuff.”

Microsoft’s Shared Source Initiative appears to be at least partly to blame for the leak. The program allows trusted organizations such as government agencies, universities and private companies to gain access to selected parts of Microsoft source code that they need for research and product development. The code is released under strict guidelines that limit how the information can be used. Despite the serious legal consequences for anyone leaking the confidential source code, many industry experts say they’re surprised that the leak didn’t occur sooner.

In addition to the millions of computer users concerned about security after the leak, Microsoft itself has reason to be concerned. The company’s intellectual property is being distributed without its permission and outside its control. While it is highly unlikely that 1.5 percent of the source code could form the basis of a competing version of the Windows operating system, some of that code could still be of use to Microsoft’s competitors. It might enable them to make software designed to run in Windows work better on competing operating systems.

The question of whether it is legal to make any use of the liberated code – even read it – has sparked a debate among programmers and legal scholars. Bob Fleck echoes the concerns of many programmers who contribute to the free open source operating system, Linux.

“Everything I’ve seen so far in comments from people in the open source community has indicated that they’re being very wary and saying, ‘Nobody look at this.’ This could have very bad repercussions if we’re seen to be looking through Microsoft source code in order to get ideas,” he said. “A developer who was known to have looked through Microsoft source code, in particular this leaked source code, could have a negative legal impact on projects they worked on in the future.”

Some Linux programmers are already under legal attack, for alleged copyright infringement. SCO Group, a private software company, claims that significant portions of its UNIX source code were introduced into Linux without the company’s permission. Linux advocates and users fear similar lawsuits from Microsoft could be brought to trial if portions of the leaked Windows code somehow turn up in new versions of Linux.

But Christine Farley, an associate professor of law at American University in Washington, DC, says the leaked Microsoft source code may not be as dangerous for developers to see as some believe.

“Why Microsoft people would be in a tizzy right now, is that if this is being widely distributed and it seems that it is, they might lose their trade secrets protection in the source code,” she explained. “So this is something like a significant portion of Coke’s formula for their Coca-Cola being distributed over the Internet. Once a trade secret is no longer secret, it’s no longer intellectual property that you can protect under the law.”

The source code leak might not be all bad news for Microsoft. Some industry analysts have predicted that users of older Windows operating systems might be persuaded to upgrade to the company’s latest products to minimize their security risk. But others predict that Windows users might be more willing now to switch to alternate operating systems such as Linux or Apple’s Mac OS X. If they perceive the risks of using Windows outweigh the hassles of buying new software or even new computers, many users could find making the switch away from Windows has become a whole lot easier.

Source:

http://www.voanews.com/


Without you, Without me

I know you think I am taking the easy way out of this. If this is what the easy way feels like I cannot possibly imagine what the hard route would be like. I don’t think I could take the hard way if that is the case, I am far too weak I fear. I think I am over you, I very specifically say “I think” though. You are always going to be that one thing that is very uniquely different in my life. I can’t lie, I do think about you often, I do miss you, I do wonder what you are doing in such a far off place. I hope you are not scared, not worried, not lonely, but simply I hope you are having fun and enjoying yourself as you deserve to. I am happy, or about as happy as I can be, with where my life is right now. Things seem a bit chaotic, a bit hectic, and a bit out of control, but when does it ever not?

Life is about finding a means of being at peace with the unpredictable nature that is only living.

You do not trust me. For good reason you can no longer take anything I say to you with even a grain of salt. However, if by some semblance of trust based on what we had, please believe that I never meant to hurt you. Any misfortune that I have caused you was not out of intentional spite. Regardless of my intentions or lack thereof, I still hurt you quite possibly more than I can imagine. For this I base my decision to remain out of your life. This hurts. If you can believe that, this hurts probably more than anything I have ever endured. To go from being such a huge part of your life to being absolutely nothing, hurts. This is my pain. This is my choice because I feel like I deserve this pain, I deserve these feelings because I apparently do not know how not to hurt you. I wish I could continue to lie and say that we should be friends because I would never hurt you again. I say this would be a lie only because I am not aware of my actions towards you. Even if I do not specifically intend to hurt you, I do.

I don’t expect you to understand, especially considering that I still do not fully understand a lot of my actions. The best I can possibly hope for is that you forget about me. Having to say that hurts, but I think that would be the best for you. It’s ironic that I was worried about you going to Australia and creating distance between us. In reality I was the one to push us farther apart than any physical distance could have caused.

Things happen for a reason, or so I am told. There better be a damn good reason.
