I don’t want to get too sidetracked here, this is primarily a place for funny stories, pictures, and fun.
HOWEVER, I couldn’t help but laugh when I read this story about a zero-day exploit in MS Word.
I don’t even know what that means, and this article doesn’t tell you which, by the way, isn’t the funny part. (I don’t like viruses, exploits, and the people that think they accomplish something with them et al. I think they are counterproductive in the extreme and don’t prove much more than you, the virus writer, are a major jerk.) The funny part, and what made me laugh was this line quoted from the article.
There are no pre-patch workarounds available.
Microsoft suggests that users “not open or save Word files,” even from trusted sources.
It is entirely possible that this quote snippet is unduly divorced from relevant context, snippets like this often are, right?
SO, I did a little due diligence and found the full quote (and lots of context) on the security advisory linked in the article. It reads,
Microsoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file.
OOOOkay.
Probably, there is enough of a difference in emphasis between the snippet and the advisory that if I were MS I would take issue with the misrepresentation. There is a lot more text in the advisory but the value proposition is not high.
Workaround?
This isn’t a workaround. This is pretty much just an ‘around’. No work. Speaking of which, did they actually test that workaround?
Wow, that was easy.
-See that icon with the big blue W?
Uh, Yeah.
-Don’t click it.
Hey cool! I didn’t get attacked!
-Test complete.
And then, not unlike a falling tree making/not making noise in a forest, how much functionality is actually reduced when you don’t use a tool at all?
All of it?
None of it?
Some of it? If so, which part?
The functionality is still technically there, we…are…just…well, we’re advising you not to use it.
’nuff said
blief 
Okay then. After reading that I only have one thing to say; I still love little Ms’. Peanut and Maple.
LikeLike
The selective snippet, presumably posted by a disgruntled MS program user — maybe even a MAC-nut (sorry Grandson; no offense, OK?), is similar to the stuff adverse politicians use to disparage their opponents’ statements: a little of this and a little of that, put it all together and it sounds like the guy said the opposite of what he really said!
By the way, Grandson, Thank you for alerting your old gray-headed (at least I still have hair up there!) GGG on the AdAware and SpyBot programs! With them, and my Grisoft antivirus, I can’t worry about infections —
I even had a GHC flu shot this Fall!!
And further, I KNOW that MAC is superior to MS-machines; I would have gone that way if I had had a local guru (like you, Grandson) to help me up out of the holes I inevitably dig myself into!
GGG.
LikeLike