Sebastian Gottschalk wrote:
> Nonsense. MS Word is insecure by design, so every untrusted document has to
> be validated and normalized before opening it. (Common tools for doing so
> are OpenOffice and AbiWord...)
My point being that OpenOffice crashes upon opening of the document,
despite the validation. And my comment was about virus scanners picking
it up, and since it's a new exploit, more AV suites will soon follow in
detection of this malicious code, but that caution is needed in the
meantime. So you probably misread what I was getting at.

I'm even willing to go further. If you -must- distribute a document with
layout and graphics in place, do so in a portable format that can be
opened on any system, like RTF, OpenDocument (which is an ISO standard
if I recall correctly) or PDF, to name a few, depending on your needs.
I'm quite opposed to the widespread use of Word documents as general
text processing format to be sent to others. Not to mention using Word
documents as e-mail bodies like some people do, often not even realising
it can't easily be opened or read on, say, a Linux system...
Simply put: too many bells and whistles to the format which causes the
potential risk of the document viruses and exploits we've seen over the
years; this one no different.

I thought this was of note since the exploit apparently uses a common
component that is -not- specific to Microsoft Word, and also crashes
OpenOffice. A warning in place for people that will likely have multiple
documents open that, with a crash of the program, may lose data.

But no matter how much you hate Microsoft, the Office suite is in use by
quite the chunk of the administrative offices around the world, so you
can expect the format to be widespread (since a lot of people don't seem
to know what "save as..." does, or what format to choose instead of the
default in that case)

MC