
Word, like other members of the Office product family, provides a security mechanism that requires the user's approval to run macros.
By design, any time a document is opened, Word scans it for macros. If any are found, they are handled in accordance with the user's selected security settings. By default in Word 2000 and 2002, only macros that are signed by a trusted party are enabled; all others are disabled. In Word 97, if the document contains macros, the user is prompted to either enable or disable them.

A vulnerability results because it is possible to modify a Word document in such a way as to prevent the security scanner from recognizing an embedded macro while still allowing it to execute. Exploiting the vulnerability would enable an attacker to cause a macro to run automatically when such a document was opened. Such a macro would be able to take any action that the user herself could take. This could include disabling the user's Word security settings so that subsequently opened Word documents would no longer be checked for macros.

A patch is available to fix this vulnerability. Please read the Security Bulletin http://www.microsoft.com/technet/security/bulletin/ms01-034.asp for information on obtaining this patch.