Malformed Word Document Can Enable Macro to Run Automatically

Reported June 21, 2001, by Microsoft.



  • Microsoft Word 2002, Microsoft Word 2000, Microsoft Word 98(J), and Microsoft Word 97


A vulnerability exists in Microsoft Word that lets an attacker modify a Word document in a way that prevents the security scanner from recognizing an embedded macro while still letting the macro execute. This vulnerability lets an attacker run a macro automatically when a user opens the document. Such a macro can take any action that the user can take, including disabling the user’s Word security settings so that the user can no longer check subsequently opened Word documents for macros.



The vendor, Microsoft, has acknowledged this vulnerability and recommends that users immediately apply the applicable patch contained in Security Bulletin MS01-034. 


Discovered by Steven McLeod.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.