[16457] in bugtraq
Re: Microsoft Word documents that "phone" home
daemon@ATHENA.MIT.EDU (Microsoft Security Response Center)
Thu Aug 31 04:58:22 2000
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=SHA1;
boundary="----=_NextPart_000_003B_01C012BE.EB734460";
protocol="application/x-pkcs7-signature"
Message-Id: <C10F7F33B880B248BCC47DB44673884703289E@red-msg-07.redmond.corp.microsoft.com>
Date: Wed, 30 Aug 2000 20:14:37 -0700
Reply-To: Microsoft Security Response Center <secure@MICROSOFT.COM>
From: Microsoft Security Response Center <secure@MICROSOFT.COM>
X-To: "Richard M. Smith" <rms@PRIVACYFOUNDATION.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
------=_NextPart_000_003B_01C012BE.EB734460
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
Microsoft has posted a response to this advisory,
entitled "Cookies and Word Documents", available at
http://www.microsoft.com/technet/security/cookie.asp
It is also accessible under "Headlines" at
www.microsoft.com/security
Regards,
Secure@Microsoft.com
-----Original Message-----
From: Richard M. Smith [mailto:rms@PRIVACYFOUNDATION.ORG]
Sent: Wednesday, August 30, 2000 7:53 AM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Microsoft Word documents that "phone" home
Hi,
The Privacy Foundation has just released an advisory
on an issue that we discovered earlier this month
in Microsoft Word. We found that it is possible to
embed "Web bugs" in Word documents. The Web bugs
allow the author of a document to track via the Internet
where a document is being read. The trick could be used
to monitor leaks of confidential documents from an
organization to outsiders as well as detecting
copyright violations. In addition, it is also
possible to place Web bugs in individual paragraphs
and detect when the text is copied from one Word
document to another.
The complete advisory is available at the Foundation's
Web site:
http://www.privacyfoundation.org/advisories/advWordBugs.html
A demonstration "bugged" document for Word 97 and Word 2000
has been set up at:
http://www.privacycenter.du.edu/demos/bugged.doc
We also found that Excel 2000 spreadsheet files and
PowerPoint 2000 slideshows can be "bugged" in the same
manner.
Richard
================================================
Richard M. Smith
Chief Technology Officer
Privacy Foundation
Email: rms@privacyfoundation.org
http://www.privacyfoundation.org
================================================
------=_NextPart_000_003B_01C012BE.EB734460--