Jan's Home Page

Chi Sau Tao Search Engines New Sites Plus.net Chi Sau Tao Kung Fu Check for new sites Jan's Crewe Page Check your firewall Hardware details The greatest Search Page Shareware Page Windows All Wing Chun Page Kung Fu Links Loading Menu Please Wait.......  

Look New Sites

 

XP Service pack 2 is now out get it here or here or here

 Get Firefox!

Check what runs at startup Start.zip

Fix problems with P2P after XP SP2. SP2 reduces tcpip to 10 connections only, often causing problems with P2P.

 You may even get a error Event ID 4226 this patch solves the problem tcip.zip

 from lvllord.de Be sure to choose cancel when windows tries to copy the old file back from the cache

 


 

 
 

New Vulnerability in MS Word

 

VERSIONS AFFECTED

 

  • Microsoft Word 2003 and 2002 (XP)

 

DESCRIPTION

 

Microsoft Word contains a protection-bypass vulnerability. By performing a simple process (outlined in the demonstration below), a malicious user can unprotect a protected document without the use of a password cracker or other special tools. 

 
DEMONSTRATION
 
The discoverer posted the following demonstration as proof of concept:

 

1.)    Open a protected document in Word.

2.)    Choose the Save As Web Page (*.htm; *.html) option and close Word.

3.)    Open the HTML document in any text editor.

4.)    Search the <w:UnprotectPassword> tag for a line that looks like: <w:UnprotectPassword>ABCDEF01</w:UnprotectPassword>. Gather the password.

5.)    Open the original .doc document with any hex editor.

6.)    Search for hex values of the password (reverse order).

7.)    Overwrite all four double-bytes with 0x00. Save, and close.

8.)    Open the document in Word. Select Tools, Unprotect Document. Password is blank.