Bonum Certa Men Certa

Taking Microsoft OOXML to Task

Any Windows/Office debuggers in the audience?

The following is a reproduction of a new post from Rex Ballard (I started this discussion thread), whose previous post we quoted the other day.




Message-ID: <31a66169-d9e7-4715-9e9e-e3488ebd36a9@25g2000hsx.googlegroups.com> From: Rex Ballard <rex.ballard@gmail.com> Newsgroups: comp.os.linux.advocacy Subject: Re: Leaked ISO Document Reveals Crooked ISO Amid MS OOXML Corruptions Date: Sat, 12 Jul 2008 08:20:23 -0700 (PDT)

[...]

ODF is a comprehensive document that provides detailed specifications from the high level document content down to the smallest elements of scalable vector graphics. There are some "standard" mime object types that are supported, such as PNG and JPEG, but other embedded formats must be installed using plug-ins which have to be authenticated by the user and by the system at installation time, and cannot be installed by the content. Furthermore, the installed content can easily be identified as trustworthy or not, and can be restricted in it's capabilities.

OpenXML on the other hand, is a high-level specification which describes the high level envelopes used to embed binary objects which are included in the content. The content itself contains the binary code which can call any function in any Microsoft library and has all permissions of the person opening the document. If a user account is set up as "Administrator", then the application can mess with the registry, create, download, and hide files, can execute applications in those files, can install any number of new viruses, and generally wreak havoc on the system.

I'll leave it to others to document the exact details (as I said, I'm busy these days), but I'm sure anyone who tries to publish these vulnerabilites will probably find themselves getting the same treatment that Tracy Reed of Ultraviolet.org got when he tried to publish his warnings about ActiveX controls back in 1997. Microsoft got a court injunction against him, and forced him to take down the content, claiming that it was being used to encourage hacking, and was damaging the Microsoft brand.

“I got a couple of docx documents and had trouble getting them to open, even with the plug-in for Office XP. Next thing I know, I get a notice from my registry auditor that I have 1300 new registry errors.”Over the last 10 years, we've seen these very same techniques, documented back in 1997, used widely to spread viruses including Melissa, Nimda, Sky, BugBear, and about 250,000 other viruses, worms, and malware, not including spy-ware and other "Microsoft Authorized" invasions of our privacy.

I got a couple of docx documents and had trouble getting them to open, even with the plug-in for Office XP. Next thing I know, I get a notice from my registry auditor that I have 1300 new registry errors. And suddenly, my PC is churning the disk-drive and the network connection at 3:00 AM (I'm getting old and have to get up), and the network shows that I'm uploading something at full speed, even though my computer is supposedly sleeping.

It isn't a back-up program that I'm running.

I would encourage COLA readers and OSS advocates to explore this in more detail.

get someone with Office 2007 to send you a docx file. unzip it using pkzip or winzip or unzip.

look at the binary files.

replace one binary object with another.

zip up the document,

see if your office-2007 user can read the "enhanced" document.

For those of you with OLE programming skills, create an OLE object that creates a file, and e-mails that file to you using smtp.

Send a document with this new ole object embedded (along with the others) and see if you get an e-mail.

I haven't tried this, and I don't know if it will work. I'm not sure how hard it would be to make it work. I just think it might be an interesting project worth investigating, especially if you are considering the migration of a few thousand users to Vista and Office 2007.

I'd love to see what the results turn out to be. After all, if it's that easy to take control of a recipient's machine just by sending them a "trusted" Word, Excel, or PowerPoint attachment, just think how much chaos a really aggressive malicious hacker, with a goal of obtaining marketable information about your business, could do.




Does ISO really want to approve such a 'virus'? As an international standard even? If someone tests the above, please post the outcome here or elsewhere. It would prove invaluable.

The last time a chain of ISO problems was cited, Ian Easson challenged an argument from Groklaw. He might wish read the following lengthy follow-up. ISO is in a deeper puddle of mud than before.

Brazil is a P member of SC 34, so according to my reading of the clause, it has the right to appeal if any of the three above issues apply, and arguably they all do. According to South Africa, if the issue is ISO's reputation, or if there is a matter of principle involved, Brazil can appeal. Even point three could apply, in that Brazil raises matters such as incorrect tabulation of votes, which, if true, one would hope ISO wasn't aware of.

[...]

Why did they bother to go, one might ask? Why vote, if votes disappear from the record? By my reading, Brazil paints a picture of an orchestrated event, tilted away from criticism or a negative result and a refusal to give substantive consideration to issues delegates wanted to discuss, due to time constraints Brazil calls arbitrary, and worse.


For details about the BRM in question, see [1, 2, 3, 4, 5, 6, 7, 8] and have your jaw sink to the floor. It was a bad plan from the get-go [1, 2, 3, 4, 5], but Emperor Microsoft was in a hurry and it even used its lobbyist Jan Van Den Beld to change the rules 'on the fly'.

OOXML protests in India
From the Campaign for Document Freedom

Recent Techrights' Posts

Microsoft's Nat Friedman Became Unemployed the Same Time the SLAPPs Against Techrights Started Coming From His Friends (Weeks After We Had Exposed Scandals About Him and the Serial Strangler, His Best Friend, Who Got Arrested a Few Days Later)
Nat Friedman is not "Investor, entrepreneur"
Weeding Out Extremism in Our Community
To me it seems like Microsoft Lunduke is rapidly becoming like a "hate preacher" who operates online, breeding an extremist ideology or trying to soften its image
Censorship Versus Fact-Checking and Quality Control
It's not censorship but a matter of quality control
Gemini Links 07/07/2025: BaseLibre Numerical System and TUI Rant
Links for the day
Two Risks to Companies: The Microsoft Culture and the Microsoft Tools
Novell was killed by a form of "social engineering" by Microsoft
It's Hard to Trust People Who Worked - Not Only Those Who Still Work - at Microsoft
Bryan Lunduke is just what people would call an "arsehole of a person"
 
The Nasty Smear (and Stereotype) of "Neckbeard" or "Greybeard" is Ageism
This is the sort of stuff they might try to volley at critics of Wayland
Why Many of Us Use X Server and Will Continue to Use It For Many Years to Come
Don't make this about politics
Brett Wilson LLP Uses Threats to Demand Changes to Pages or Removal of Pages Without Even Revealing Which Staff Member Does That (Sometimes People From Another Firm!)
This has been in the public for years
Dan Neidle Said "It Really Then Became a Job of Tormenting" Lawyers Like Brett Wilson LLP (Who Threatened Him for Exposing Crimes, Just Like They Threatened My Wife a Few Months Later)
he and his wife decided to take on the evil people and their evil lawyers
Large Language Models (LLMs) Externalise Their Cost to the Free Software Foundation (FSF)
"The forty-sixth Free Software Bulletin is now available online!"
Reinforcing the Allegations Some More, Bryan Lunduke Digs His Own Grave
In his latest episodes he merely repeats his own lies, which I debunked using evidence right from his own mouth
Global Warming and Free Software as a Force of Mitigation
we'll need to think about Software Freedom, not just brands like "Linux"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 06, 2025
IRC logs for Sunday, July 06, 2025
[Video] "Copyleft Isn't a Bug."
"Copyleft isn’t a bug. It’s a feature. GNU GPL forced the world to treat code like a public good."
Being in Social Control Media Means Exposing Oneself to Heckling
Richard Stallman does not (either himself or directly) post to any social control media
Links 06/07/2025: Airlines Perils, Scams, and Breaches
Links for the day
For the Second Time, Bryan Lunduke From Microsoft is Siccing Racist Trolls and Vandals at Me
You're only reinforcing the point we made yesterday
Links 06/07/2025: End to End Encryption at Risk, Reuters Twitter ("X") Account Withheld in India
Links for the day
Gemini Links 06/07/2025: Tinylog and Certification Rotation
Links for the day
Links 06/07/2025: Climate Change and "The Right to Criticise"
Links for the day
PCLinuxOS Sites Coming Back, Gradually
let's just be patient
Social Control Media, Even If Based on Free Software, Still Has Many Problems
a distraction from what actually mattered and still matters
IBM is Not Your Master
IBM makes friends with people who exclude the majority of the population: women
Help Fund the Free Software Foundation (FSF)
If you have some dollars to spare, go support the FSF
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 05, 2025
IRC logs for Saturday, July 05, 2025
A Short History of Attacks on Techrights (and Boycott Novell Before That)
good opportunity to tell again the story of several (not all) attempts to silence us
The Mainstream Media Took 4 Days to Realise Microsoft Shut Down Its Operations in Pakistan and Fired Everybody
We estimate that Microsoft has had about 29,000 layoffs since January
Leadership in Free Software
Don't let IBM lead. It's a terrible flag bearer.
“Twibel” Actions Against Comedians (and Why It's a Truly Low Blow)
they try to make up in quantities for a lack of merit or quality
Linux Foundation Apparently Flirting With Slop (Marketing by LLM-Generated SPAM)
The Web is in a really bad state!
COVID-19 Sped Up Site Improvements in Techrights
A few months later we created our very own IRC network
Gemini Links 05/07/2025: Negative Questions and 'Touching Grass' (Going Outside)
Links for the day
Links 05/07/2025: Dalai Lama Succession as 90th Birthday Approaches, 40 deg C in China
Links for the day
Links 05/07/2025: Hungary and US Defecting to Russia, "Google's Hotseat Hypocrisy"
Links for the day
Gemini Links 05/07/2025: 4th of July 2025 and "Zig Roadmap 2026"
Links for the day
How to Combat the Exploitation and Abuse by Microsoft GitHub
Not to mention corruption and crimes against women
Bryan Lunduke is Actually Sending His Audience to Attack People
"[Lunduke] is actually sending his audience to attack people."
Even The Right Wing is Rejecting Bryan Lunduke
no wonder he became so irrelevant and marginal
Microsoft's MSN Helps Microsoft Spread Lies About the Layoffs' Scale (Well Over 25,000 People Laid Off This Year)
There seem to be monopolies on lies and on truth
The Death of X Has Been Greatly Exaggerated (by Compromised Media)
X.Org Server is alive and well
Rewriting Things in Rust
How far would you go?
In 2025 Everything is "AI". Remember Blockchains?
Talk about what companies and things (services, products, software) actually do, not the labels they use
Julian Assange Has Been Free for a Year
Julian Assange and I disagreed on some things
Monopolies and Scalping
Monopolies gravitate towards price hikes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 04, 2025
IRC logs for Friday, July 04, 2025
Microsoft's August Layoffs Wave: "August is Confirmed for Additional Performance Based Cuts"
"August is confirmed for additional performance based cuts from the recent connects along with additional organizational cuts."
What Microsoft Reputation Laundering (With a Weaponised Law Degree) Looks Like in a Foreign Continent
You would expect this in uncivilised and primitive countries
Slopwatch: LLMs 'Write' Fake or Distorted 'News' About "Linux"
LLM slop disguised as news