Talk:Top 10 2007

From OWASP
Revision as of 22:07, 2 February 2007 by Neil Smithline (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Does it make sense to be distributing an editable .DOC file? I believe there are currently 5 zero-day vulnerabilities in .DOC files to which MS has provided no patch. Leaving a .doc file on a WIKI page where anyone can edit it just seems dangerous to me.

Can we convert it to .RTF? I believe there are currently no known threats in that format and it is nearly as rich as .DOC.

It would be especially embarrassing if all of us security wizards got ourselves infected with a nasty virus or something because of this...