[39] in sw-release-announce
Microsoft Office 98 and 2001 Security patch
daemon@ATHENA.MIT.EDU (Deborah Bowser)
Wed Jun 20 08:31:24 2001
Message-Id: <5.0.2.1.2.20010620074526.00a88290@po12.mit.edu>
Date: Wed, 20 Jun 2001 08:32:12 -0400
To: itpartners@MIT.EDU, macpartners@MIT.EDU, sw-release-announce@MIT.EDU
From: Deborah Bowser <bowser@MIT.EDU>
Cc: infosys@MIT.EDU, itag@MIT.EDU, swr-core@MIT.EDU
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Date: June 20, 2001
To: Members of the MIT Community, itpartners@mit.edu, macpartners@mit.edu,
sw-release-announce@mit.edu
Re: Microsoft Office 98 and 2001 Security patch
Cc: infosys@mit.edu, itag@mit.edu, swr-core@mit.edu
Good morning:
Microsoft has released a security patch for Microsoft Office 98 and 2001
for the Macintosh that affects Word documents only. This patch has been
installed and tested on various hardware and under several OS'. IS
recommends that users of both Office 98 and 2001, download and install this
patch.
Overview
-----------
Macro Vulnerability addresses a vulnerability that could allow malicious
code to run in a Rich Text Format (RTF) document without warning. Under
normal circumstances, you see a warning in Microsoft Word 98 or Word 2001
when you open a document attached to a template containing macros. However,
it is possible for an RTF document to be linked to a template containing
macros in such a way that a macro can run with no warning issued. This
could cause damage to data or allow unauthorized retrieval of data from
your system when you visit a Web site or open an e-mail message.
This security update prevents macros from opening without a security
warning. After you have installed the update, you will be warned before you
open an RTF document that contains a template or macro. You will still be
able to use templates, templates with macros, or Rich Text Format (RTF)
documents with macros.
The Vulnerability
----------------
The vulnerability affects Microsoft Word 98 and Microsoft Word 2001 for the
Macintosh. The vulnerability only affects Word and other Office products
are not affected. The vulnerability does not occur when opening Word
documents, only when opening RTF documents that are linked to a template.
Obtaining
----------------------
Users need to download and install the Service Release Update for 2001, or
the Combined Office 98 patch prior to installing the security patch.
For more information on the security patch for Office 2001 and Office 98
for Macintosh at MIT, and to obtain the security patch,
visit: http://web.mit.edu/is/help/office2001/pss.html and
http://web.mit.edu/is/help/word/pss.html, respectively.
Need help?
---------------------------
For specific questions or issues regarding Office 2001 or Office 98, you
can initiate a case log for the Computing Help Desk via
http://casetracker.mit.edu/ or send e-mail to computing-help@mit.edu.
Sincerely,
Deb Bowser
Software Release Team
