Word, like other members of the Office product family, provides a security mechanism that requires user's approval to run macros. By design, anytime a document is opened the user would be notified if the document contains macros. In addition, this mechanism checks secondary documents that the original document links to, such as templates, and warn if any of those contain macros. This feature works by scanning the document or template for the presence of macros, alerting the user of their presence, and then asking the user if he wants to allow the macros to run. By embedding a macro in a template, and providing another user with an RTF document that links to it, an attacker could cause a macro to run automatically when the RTF document was opened. The macro would be able to take any action that the user herself could take. This could include disabling the userÃ????Ã???Ã??Ã?Â¢??s Word security settings so that subsequently-opened Word documents would no longer be checked for macros.
|| Windows 95/98/ME/NT/2000