August 31, 2000

I was just reading Wired News. A new alert is in the technology section entitled Word Docs With Ears? In the article, it states "A privacy group warned Wednesday that so-called "Web bugs" could track Microsoft Word documents as they are distributed among Internet users." The article goes on to talk about how one could embed a URL request for a graphic or a cookie submission into a document, and because MS Word is HTML enabled, this request could fire without the knowledge of the document reader. Also, not mentioned in the article, but obvious to the technologically inclined, you will note that this does not constitute macro code. I wonder whether or not it would be possible to implant viral code that would fire in MS Word into that URL-retrieved object. Utilizing an ActiveX object, you could embed code into the document, and if the user does not have ActiveX turned off in their Internet Explorer options (insert thousands of people yelling about IE/OS integration here) the ActiveX applet could fire and run.
Yet another development that will fire off the next salvo of virus/fix cycles.

No comments: