Microsoft KB Archive/303517

= WD: Word Macro Security Update Available =

Article ID: 303517

Article Last Modified on 7/16/2007

-

APPLIES TO


 * Microsoft Word 2001 for Mac
 * Microsoft Word 98 for Macintosh

-



This article was previously published under Q303517



SUMMARY
The Microsoft Word for Macintosh Security Update: Macro Vulnerability addresses a vulnerability that could allow malicious code to run in a Rich Text Format (RTF) document without warning.

Under normal circumstances, you see a warning in Microsoft Word 98 or Word 2001 when you open a document that is attached to a template containing macros. However, it is possible for an RTF document to be linked to a template that contains macros in such a way that a macro can run with no warning issued. This could cause damage to data or allow unauthorized retrieval of data from your system when you visit a Web site or open an e-mail message.

This security update prevents macros from opening without a security warning. After you install the update, you will be warned before you open an RTF document that is linked to a template that contains a macro. You can still use templates, templates with macros, or Rich Text Format (RTF) documents with macros.


 * The vulnerability affects Microsoft Word 98 Macintosh Edition and Microsoft Word 2001 for Mac.
 * The vulnerability only affects Word. Other Office products are not affected.
 * The vulnerability does not occur when opening Word documents, only when opening RTF documents that are linked to a template.



Requirements
To install the Word for Macintosh Security Update: Macro Vulnerability, you first must have the latest update for your version of Word.

Word 2001

If you are using Word 2001, you must first install Office 2001 for Mac Service Release 1. If you are unsure whether you are using the latest update, verify the version number of your version of Word by following these steps:
 * 1) In the Finder, select the Word application file.
 * 2) On the File menu, point to Get Info, and then click General Information.
 * 3) If your version number is 9.0.1 (3122), you are already using Service Release 1. If your version number is 9.0 (2510), you must install Office 2001 Service Release 1 before you install the Word for Macintosh Security Update: Macro Vulnerability.

To download Office 2001 for Mac Service Release 1, browse to the following Microsoft Web site:

http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/office2001/update_905.xml&secid=10&ssid=25&flgnosysreq=True

Word 98

If you are using Word 98, you must first run the Combined Updater for Office 98. If you are unsure whether you are using the latest update, or what updates you have installed for Office 98, please review the following Knowledge Base article for information about how to check for the latest version and the location of the available updates:

273713 OFF98: How to Determine Which Office 98 Updates Are Installed

Installation
Before you install, follow these steps:
 * Close all other running programs.
 * Disable all virus protection software.
 * Make sure that you are running the correct updated version of Word 98 or Word 2001. See the &quot;Requirements&quot; section earlier in this article for how to verify which version of Word you are running.
 * If you are running Mac OS X, it is recommended that you use Startup Disk in System Preferences to switch to the Mac OS 9.1 (Classic) System Folder and then restart your Mac.

To install, follow these steps:  Download the Word for Macintosh Security Update: Macro Vulnerability file for your version of Word, and save it to your computer's hard disk. To download the Macro Vulnerability update, browse to the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyID=3cb2a7e8-8515-423c-a021-1daac4f4ae79

 If the file does not automatically decompress, double-click it to expand the file on your hard disk and begin the installation. Follow the instructions on the screen to complete the installation.

