Evil Clippy: a tool for making undetectable malicious Microsoft Office docs

Somebody in that company already sold the code for this to a hacker before the ink was dry. In the next 6 months there will be a tidal wave of machines being corrupted by bad .doc files. Bet on it.

1st eventuality is no worry. In order for the malicious code to tell the passage of time, it has to say running during that time. Which means the computer and Word have to stay up and running that whole time, so it could be defeated by simply shutting down either.

A bat file is just interpreted by cmd.exe. It can’t do anything by itself. It may seem like unnecessary pedantry to you but I program Windows applications professionally so these distinctions matter to me. :slight_smile:


Like this?


I program Windows applications professionally and they don’t matter that much to me in a general discussion.

is this attack vector something that can be used in either LibreOffice or OpenOffice?

Broadly speaking, OpenOffice has macros, so, yes, malicious macros are a risk

Macros are essentially a security hole by design.

Is this also what my college students are using to create corrupt MS Word files that they turn in as term papers?

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.