Microsoft Word 2000 Update: 'Word Mail Merge' Vulnerability

Category
Utilities
Patches and Updates

Review

The Word 2000 Mail Merge Security Update protects you from a vulnerability in the mail merge function in Word with Access databases as a data source. Because the mail merge function in Word can allow an Access database to run macro code automatically - with no macro protection warnings turned on - malicious users could entice you to open a specially constructed mail merge Word document (from an e-mail attachment or a link on a hostile Web site) that might cause arbitrary code to run on your machine.This update protects you against the vulnerability by increasing the security in the connection between Word mail merge documents and Access databases. If the Access database is located on the Internet or in a Restricted sites zone, then the mail merge document will prompt you for a new data source before executing the macro. To use the Word 2000 Mail Merge Security Update, you must have installed Office 2000 Service Release 1a (SR-1a). If you are currently using Word 97, download the Word 97 Mail Merge Security Update released in late October 2000.


Search

Recent searches