Flaw in Microsoft Word Could Enable Macros to Run Automatically

A vulnerability exists because an attacker can craft a malicious document that will bypass the macro security model. If the document was opened, this flaw could permit a malicious macro embedded in the document to be executed automatically, regardless of the level that the macro security is set to. The malicious macro could take the same actions that the user had permissions to carry out such as adding, changing, deleting data or files, communicating with a Web site, or formatting the hard disk.

Affected Software:
Microsoft Word 97
Microsoft Word 98 (J)
Microsoft Word 2000
Microsoft Word 2002
Microsoft Works Suite 2001
Microsoft Works Suite 2002
Microsoft Works Suite 2003

Severity level: Important

:arow: View: MS Security Bulletin MS03-035 & download locations

View: Microsoft Knowledge Base Article - 827653