SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Microsoft Security Bulletin MS01-028 RTF document linked to template can run macros without warning

Posted on May 21, 2001

Security Bulletin Issued by Microsoft May 21, 2001

The following is the list of vulnerable products:

  •         Microsoft Word 98 for the Mac
  •         Microsoft Word 2001 for the Mac



When Microsoft Word opens a RTF (Rich Text Format) file that contains a link to a template, only the RTF file is checked for macros. When a a macro is embedded into the template file that was opened from a link in the RTF file an attacker could set the macro to run automatically and execute commands without your authorization – you even knowing it.

Macros have the ability to run any command that the user would be able to run, from pasting text that says “j00 are 0wn3d” 3000 times to modifying the user’s security preferences in word so future documents aren’t checked for macros!


Microsoft Word 98 for the Mac:
English Download BinHqx Format
Japanese Download BinHqx Format
Microsoft Word 2001 for the Mac:
Office 2001 for Mac Service Release 1

For more instructions about the Mac OS versions of this security flaw visit Microsoft’s website

Facts About This Vulnerability

From the Microsoft Security Bulletin
The vulnerability only affects Word. Other Office products are not affected.
The vulnerability does not occur when opening Word documents, only when opening RTF documents, and even then only when the RTF document is linked to a template.

What Is a Template

From the Microsoft Security Bulletin
A template can be thought of as a skeleton document. For instance, a template of a research paper might define the needed styles, include pre-built headers and footers, and include any required boilerplate text. When a user needs to create a new research paper, she could use the template as a foundation upon which to develop her actual paper.

What Could the Macro Do?

From the Microsoft Security Bulletin

The macro would be able to take any action that the user herself could take on her machine. This would include adding, changing or deleting files, communicating with a web site, reformatting the hard drive, and so forth.

It’s worth noting that a macro also could change the user’s security setting. This could include disabling macro protection. As a result, if the user were attacked via this vulnerability, one of the outcomes could be that the user’s security settings would be reduced, and other macros that normally would be stopped by Word would now be able to run.

Join our mailing list for the latest security news and deals