Microsoft Office 2010 is a Security Vulnerability

Dr. Roy Schestowitz

2010-07-07 12:02:49 UTC
Modified: 2010-07-07 12:02:49 UTC

Summary: Two "critical" security vulnerabilities are found in Office 2010, but there is no disclosure

THE first known Office 2010 flaw was mentioned here a few days ago and Microsoft's habit of secretly patching vulnerabilities (fixing them without telling anyone) was covered here several weeks ago. Microsoft admitted doing this, with this important admission finally arriving in May. Now, watch this new report:

Following on from full disclosure, Microsoft now has a new disclosure variant to contend with – no disclosure. French security services provider VUPEN claims to have discovered two critical security vulnerabilities in the recently released Office 2010 – but has passed information on the vulnerabilities and advice on mitigation to its own customers only. For now, the company does not intend to fill Microsoft in on the details, as they consider the quid pro quo – a mention in the credits in the security bulletin – inadequate.

Why would anyone pay hundreds of dollars for a piece of software which Amazon rated just 2/5 for lack of novelty and other reasons? There isn't even adherence to international standards [1, 2, 3, 4, 5, 6, 7]. It's just fake hype [1, 2] that Microsoft has allocated nearly a tenth of a billion to (in marketing alone). OpenOffice.org 3.3 is already in the works and it makes code, not marketing. Amazon has it rated 5/5 (compared to 2/5 for Microsoft Office 2010). ⬆

A Lot of Technological 'Progress' Has Been Nothing But Buzzwords: Free software does not try to excite people people over nothing
Proprietary Software: Here Today, Gone Tomorrow: Proprietary software has an entirely different mindset, revolving around business models rather than science
Web Hostnames Down to Lowest Number in More Than 7 Years!: the number of hostnames is falling rapidly (they hide this by choosing logarithmic scale)
Over at Tux Machines...: 2 days' worth
Stop Begging Companies That Don't Value Your Freedom to Stop Pushing You Around: That's not freedom
The forbidden topics: There are forbidden topics in the hacker community
IRC Proceedings: Saturday, September 30, 2023: IRC logs for Saturday, September 30, 2023
Don't be Afraid of the Command Line, It Might Even be a Friend: There's a tendency to think that only graphical interfaces were made to simplify usage, and any declarative interface is by design raw, inherently unfit for usage
One Positive Note About GNU/Linux Coverage in 2023 (Less Microsoft): GNU/Linux users do not want this, with very rare exceptions
Snaps Were Never Good at Security, But the Media Coverage is Just Appalling: The media should focus on culling Windows, not making a huge fuss over minor things wrongly attributed to "Linux"
Better Footage of Richard Stallman's Talk Last Week: “Freedom in computing, forty years after starting to really protect it”: Richard Stallman speaks about the cancer situation early in his speech
Links 30/09/2023: A Government Shutdown and More Blizzard Layoffs: Links for the day
Links 30/09/2023: Bing Almost Offloaded Due to Failure/Losses, Nvidia Raided: Links for the day
Community is the Lifeblood of Freedom in the GNU/Linux World: Removing or undoing the "cancerd" (systemd) is feasible but increasingly difficult
Richard Stallman Says He Will Probably Live Many More Years: "Richard Stallman has cancer. Fortunately it is slow-growing and manageable follicular lymphona, so he will probably live many more years nonetheless. But he now has to be even more careful not to catch Covid-19."
Quitting 'Clown Computing' and GAFAM is Only the Start: The Web and the Net at large became far too centralised
They Say Free Software is Like Communism When They, the Proprietary Software Giants, Constantly Pursue Government Bailouts (Subsidies From Taxpayers): At the moment Ukraine is at most risk due to its dependence on Microsoft (inside its infrastructure)
Social Control Media Has No Future, It Was Always Doomed to Fail (Also Promoted Based on Lies): Recent events, including developments at Twitter, meant that they lost a lot of their audience and then, in turn, sponsors/advertisers
They're Been Trying to 'Kill' Richard Stallman for Years (by Mentally Tormenting Him): Malicious tongue wanted to do him what had been done to Julian Assange
We Temporarily Have Two Gemini Capsules: They're both authentic and secure, but they're not the same
Consumerism is Lying and Revisionism: We need to reject these liars and charlatans
Links 30/09/2023: Open VFS Framework, CrossOver 23.5, Dianne Feinstein Dies: Links for the day
Security Leftovers: GNU/Linux, Microsoft, and more
Microsoft Down on the World Wide Web, Shows Survey: down by a lot in this category
IRC Proceedings: Friday, September 29, 2023: IRC logs for Friday, September 29, 2023
A Society That Fails Journalists Does Not Deserve Journalism: It's probably too later to save Julian Assange as a working publisher (he might never recover from the mental torture), but as a person and a father we can wish and work towards his release
Almost Nothing To Go With Your Morning's Cup Of Coffee: Newspaper? What newspaper?
Techrights Was Right About the Chaff Bots (They Failed to Live up to Their Promise): Those who have been paying attention to news of substance rather than fashionable "tech trends" probably know that GNU/Linux grew a lot this year
Selling Out to Microsoft Makes You Dead Beef: If all goes as well as we've envisioned, Microsoft will get smaller and smaller
Curation and Preservation Work: The winter is coming soon and this means our anniversary is near
Mobile Phones Aren't Your Friend or a Gateway to Truly Social Life: Newer should not always seem more seductive, as novelty is by default questionable and debatable
Links 29/09/2023: Disinformation and Monopolies: Links for the day
iFixit Requests DMCA Exemption…To Figure Out How To Repair McDonald’s Ice Cream Machines: Reprinted with permission from Ryan Farmer
Jim Zemlin Thinks the World's Largest Software Company Has 200 Staff, Many of Whom Not Technical at All: biggest ego in the world
Microsoft GitHub Exposé — In the Alex Graveley Case, His Lawyer, Rick Cofer, Appears to Have Bribed the DA to Keep Graveley (and Others) Out of Prison: Is this how one gets out of prison? Hire the person who bribes the DA?
Richard Stallman's Public Talk in GNU's 40th Anniversary Ceremony: Out now
Links 29/09/2023: Linux Foundation Boasting, QLite FDW 2.4.0 Released: Links for the day
Red Hat Does Not Understand Community and It's Publicly Promoting Microsoft's Gartner: RedHat.com is basically lioning a firm that has long been attacking GNU/Linux in the private and public sectors at the behest of Microsoft
A 'Code of Conduct' Typically Promoted by Criminal Corporations to Protect Crimes From Scrutiny: We saw this in action last week
Objections to binutils CoC: LXO response to proposed Code of Conduct
Conde Nast (Reddit), Which Endlessly Defamed Richard Stallman and Had Paid Salaries to Microsoft-Connected Pedophiles, Says You Must Be Over 18 to See 'Stallman Was Right': Does this get in the way of their Bill Gates-sponsored "Bill Gates says" programme/schedule?
Techrights Extends Wishes of Good Health to Richard M. Stallman: Richard Stallman has cancer
endsoftwarepatents.org Still Going, Some Good News From Canada: a blow to software patents in Canada
The Debian Project Leader said the main thing Debian lacked was more contributors: The Debian Project Leader said the main thing Debian lacked was more contributors
IRC Proceedings: Thursday, September 28, 2023: IRC logs for Thursday, September 28, 2023
Links 28/09/2023: Openwashing and Patent Spam as 'News': Links for the day

Microsoft Office 2010 is a Security Vulnerability

Recent Techrights' Posts