Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft Volume Licensing infringement?
From: Robert Kim Wireless Internet Advisor <evdo.hsdpa () gmail com>
Date: Mon, 30 Jan 2006 17:48:14 -0800

Steve, good point. thx

On 1/30/06, Steve Friedl <steve () unixwiz net> wrote:
On Mon, Jan 30, 2006 at 06:15:23PM -0600, Randall M wrote:
Anyone on here get an email from MS volume licensing services stating that
all XP office and 2003 professional needs updated to remove the 3rd party
Patent infringement?

Yes, its seems to be the real deal. I can't find the announcement on
Microsoft's site, but this one is representative of the ones I've seen.


       Microsoft Office: Action Required

       (01-27-06) - Background and Summary

       A recent decision from a court case has determined that
       certain portions of code found in Microsoft Office Professional
       Edition 2003, Microsoft Office Access 2003, Microsoft Office
       XP Professional and Microsoft Office Access 2002 infringe a
       third-party patent.  As a result, Microsoft must make available
       a revised version of these products with the allegedly infringing[*]
       code replaced.


It references a KB article on the Microsoft site which talks about Office
SP2 removing certain features:


       Because of legal issues, Microsoft has disabled the functionality in
       Access 2003 and in Access 2002 that let users change the data in linked
       tables that point to a range in an Excel workbook. However, when you
       make changes directly in the Excel workbook, the changes appear in
       the linked table in Access.

Volume licensees are *required* to install Office SP2 with new deployments,
but are only *requested* to do so for existing deployments. I'm not sure
that they can require anybody else to do this, though bundling the "fix"
in with other stuff which was released months ago means that lots of people
probably have it by now.

I think this undermines a lot of the perceived benefits of Microsoft's
indemnification, which is one of their features over open source. It
doesn't mean they'll go to the mat for the users, it just means that
they'll quietly disable functionality and tell us about it we've installed
the service pack containing the disablement.

Anybody can do *that*.


[*] Seen elsewhere: "allegedly infringing"? If a court ruled, it's not "alleged"
   any more.

Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve () unixwiz net
Robert Q Kim, Wireless Internet Advisor

2611 S. Pacific Coast Highway 101
Suite 102
Cardiff by the Sea, CA 92007
206 984 0880
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]