Proverbs, aphorisms, quotations (English) | by Linux fortune |
Security Holes Found In Microsoft Easter Eggs REDMOND, WA -- It's damage control time for the Microsoft Marketing Machine. Not only have exploits been found in IE, Outlook, and even the Dancing Paper Clip, but now holes have been uncovered in Excel's Flight Simulator and Word's pinball game. "If you enter Excel 97's flight simulator and then hit the F1, X, and SysRq keys while reading a file from Drive A:, you automatically gain Administrator rights on Windows NT," explained the security expert who first discovered the problem. "And that's just the tip of the iceberg." Office 97 and 2000 both contain two hidden DLLs, billrulez.dll and eastereggs.dll, that are marked as "Safe for scripting" but are not. Arbitrary Visual BASIC code can be executed using these files. More disturbing, however, are the undocumented API calls "ChangeAllPasswordsToDefault", "OpenBackDoor", "InitiateBlueScreenNow", and "UploadRegistryToMicrosoft" within easter~1.dll. Microsoft spokesdroids have already hailed the problem as "an insignificant byproduct of Microsoft innovation." |