Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Microsoft Word documents that "phone" home
From: James Hoagland <hoagland () SILICONDEFENSE COM>
Date: Thu, 31 Aug 2000 09:22:20 -0700

This loading of external URLs could also be used to cause the viewer
of the document to visit web sites they did not intent and that they
might catch some heat for doing (e.g., porn sites).  Web page authors
already have this ability, though in the document case, it may be
possible to obscure the origin of the document.

I wonder if this could be used as a part of a DDOS against a site.
Perhaps including lots of references to images on the victim site.

Just some random thoughts.



At 10:52 AM -0400 8/30/00, Richard M. Smith wrote:

The Privacy Foundation has just released an advisory
on an issue that we discovered earlier this month
in Microsoft Word.  We found that it is possible to
embedded "Web bugs" in Word documents.  The Web bugs
allow the author of a document to track via the Internet
where a document is being read.  The trick could be used
to monitor leaks of confidential documents from a
organization to outsiders as well as detecting
copyright violations.  In addition, it is also
possible to place Web bugs in individual paragraphs
and detect when the text is copied from one Word
document to another.

The complete advisory is available at the Foundation's
Web site:


A demonstration "bugged" document for Word 97 and Word 2000
has been set up at:


We also found that Excel 2000 spreadsheet files and
PowerPoint 2000 slideshows can be "bugged" in the same


Richard M. Smith
Chief Technology Officer
Privacy Foundation

Email: rms () privacyfoundation org

|*   Jim Hoagland, Associate Researcher, Silicon Defense    *|
|*               hoagland () SiliconDefense com                *|
|*  Voice: (707) 445-4355 x13          Fax: (707) 826-7571  *|

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]