CoNetrix

Blog: Word

I think we all know better than to download executable programs (.exe's) from untrusted sources and run them.  Opening a Word document from an untrusted source could be dangerous.  Now, even opening a PDF file on a fully patched Windows machine with excellent, up-to-date anti-virus and malware software could cause your machine to get owned.

Didier Stevens, who has written some great PDF analysis tools, published a disturbing blog post the other day.  He demonstrates how to use an existing feature in PDF to execute a program on someone's computer when they open the document.  Adobe Acrobat Reader displays a message first, but the message can be changed to social engineer someone into clicking the Open button on the message.  And my favorite PDF reader, Foxit, does not even display this message.  Disabling javascript does not help. [more]

Here is the link to his article: http://blog.didierstevens.com/2010/03/29/escape-from-pdf/

I downloaded his extremely simple example and in a few seconds changed it run a batch script instead of cmd.exe.  It looks it would be trivial to make it run any sequence of commands desired.  Depending on the PDF viewer used on other operating systems such as Linux or Mac OS X, this same technique will work there.

When using Google, one might consider clicking on Quick View or View as HTML instead of viewing the actual the PDF file.

UPDATE:  Adobe finally responded to this, explaining simply how to disable this feature.  This sounds like a good thing to do for most users. http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html

Security and Compliance, PDF, Linux, Adobe, Mac, Security, Word,
 

I have had problems with Word crashing when I try to open a document, particularly when online and opening a Word document on the file server.  I can usually get it to work if I open Word first and then open a document but even that doesn't work at times.

I finally found a post online mentioning problems with add-ins.  I looked at the add-ins and my Adobe Acrobat installation had installed a PDF add-in, my scanning application had installed 2 PDF add-ins and I had the add-in from Microsoft to create PDF files.  I disabled the PDF add-ins and have not had the problem since. [more]

Also, under Vista,  in order to remove most of the add-ins, I had to have administrative access by running Word as administrator.  There isn't a "Run as administrator" option when I right-click on the short-cut.  I had to find the actual WINWORD executable and right-click on it to run as administrator.

Networking, Windows Vista, Word 2007, Word,
 

Access keys provide a way to quickly use a command by pressing a few keys, no matter where you are in the program. Every command in Office Word 2007 can be accessed by using an access key. You can get to most commands by using two to five keystrokes. To discover and use an access key: [more]

  1. Press ALT while in MS Word 2007 and the KeyTips will be displayed over each feature that is available in the current view.

    The above image was excerpted from Training on Microsoft Office Online.
  2. Press the letter shown in the KeyTip over the feature that you want to use.
  3. Depending on which letter you press, you may be shown additional KeyTips. For example, if the tab is active and you press I, the tab is displayed, along with the KeyTips for the groups on that tab.
  4. Continue pressing letters until you press the letter of the command or control that you want to use. In some cases, you must first press the letter of the group that contains the command.
  5. To cancel the action that you are taking and hide the KeyTips, press ALT.

 

General, Word 2007, Office, Word,