The massive computer security flaw discovered recently in Microsoft Word documents
has been solved. The solution consists of an addin software package for Word,
called the Hidden File Detector(TM)
addin for Word 97/2K/XP.
Once this flaw was discovered, the addin fix was quickly and accurately developed
by Microsoft MVP, Bill Coan. Readers of TechTrax will be familiar with Bill
as a contributing author.
Bill's free addin can be downloaded from http://www.wordsite.com.
It allows users of Microsoft's popular word processing software to detect files
hidden inside a word processing document. Such files can contain sensitive information
about the user or the user's organization.
In addition to displaying details about each file hidden inside a document,
the addin can jump to the exact place in a document where a hidden file is stored.
Without the software, users could easily miss files hidden in headers and footers,
footnotes, endnotes, comments, or drawing objects. Other potential fixes have
also recently been announced, but Bill's is the only one that doesn't
miss these other hidden locations.
Software developer Bill Coan recommended that users not share Word documents
with anyone outside their immediate circle of trust until they've addressed
the hidden file security flaw. Bill has offered the source code for his software
package to Microsoft Corporation. He expects Microsoft to proceed carefully
before addressing the security flaw because the mechanism used for hiding files
in a document has many legitimate purposes.
"If Microsoft disables the ability to incorporate external files into
a Word document, hundreds of thousands, perhaps millions of legitimate users
would be very greatly inconvenienced and their productivity and effectiveness
would suffer," Coan said. "Therefore, the solution is likely to involve
helping users detect hidden files, rather than eliminating entirely the mechanism
by which files can be hidden. The Hidden File Detector addin provides
that help now."
Bill Coan specializes in document automation. He decided to offer his Hidden
File Detector addin immediately and at no cost in hopes that users around
the world wouldn't lose faith in the security of documents created with Microsoft
For more information about the Hidden File Detector addin, or to download a
free copy of it, visit http://www.wordsite.com.
And to learn more about Bill, be sure to check out his
bio here in TechTrax.
Also see this article for additional information and a bundles download: More
on Word Field Vulnerability.