We have warned before that any imitation of .NET is likely to inherit its problems and the same goes for OOXML. Some of the more severe problems pertain to security.
Vulnerability reported by Redhat.
Nominum Solves Kaminsky Attack, and Novell's iPrint Open to Attack, Say Researchers. What do these stories have in common? I was thinking perhaps institutionalized delusional thinking and incompetence, but maybe I'm being too harsh.
[...]
Lest anyone think I am being too mean to poor old defenseless Novell and Microsoft, I recall ActiveX security advisories almost from its inception back in 1996 or so. What has changed since then, twelve years later? Nothing, as this random recent security bulletin shows:
"Microsoft has released Security Advisory (955179) to describe attacks on a vulnerability in the Microsoft Office Snapshot Viewer ActiveX control. Because no fix is currently available for this vulnerability, please see the Security Advisory and US-CERT Vulnerability Note VU#837785 for workarounds."
So we need to revise the popular "fool me once" saying:
Fool me once, shame on you Fool me twice, shame on me Fool me thousands of times over many years...let's get married!"
Now why is it again that corporate participation is important to FOSS?
--Dennis Fisher, August 7th, 2008