Antipiracy tool leads to DoS in Office for Mac

A security vulnerability in an antipiracy tool included in Microsoft Corp.'s Office v. X for the Macintosh can allow an attacker to crash applications in Office, Microsoft said in a bug alert Thursday. The company has released a patch to fix the problem.

The vulnerability is in the Network Product Identification Checker component of Office v. X, a tool which checks the local network that the copy of Office is running on for other copies using the same Product Identifier (PID), a number similar to a serial number, Microsoft said. Each copy of Office v. X periodically "announces" its PID to the network and if two copies of Office v. X on a single network share the same PID, the application shuts down.

When a specially formulated announcement is sent to a machine or over the network, the Network PID Check component incorrectly handles it and can cause Office v. X to crash, the company said. When such a specially formulated packet is sent, only the first application opened after Office is launched will crash, though unsaved data could be lost, Microsoft said. The attack could be directed against a single machine, using its IP (Internet Protocol) address, or against an entire local network, the company added.

The attack can be blocked, Microsoft said, by stopping certain kinds of traffic at the firewall and applying the patch. The attack has no further impact beyond crashing Office, Microsoft said.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sam Costello

PC World

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?