Is there any way for Malware to attach itself to Word Documents OTHER THAN VIA MACROS?

There are many well known pieces of Malware that target Microsoft Word Macros - hence they are turned off by default in recent versions of the software.

Following Yvonne's comment re. how to keep Malware off your systems we spoke to discuss how to clean up her system.

My recommendation was to flatten the system (as she has a copy of the data offline), format the disk, re-install Windows XP from the ground up, apply Service Pack 2, apply subsequent patches, re-install the applications, ensure that all Macro capabilities are disabled and then re-introduce the data.

If you know of a way for malware to travel within a Word document other than via Macros then please comment on this post.

Comments

• Anonymous
  May 03, 2006
  If I'm not mistaken it would be possible (but not necessarily likely "in the wild") for a malware-infected image file embedded in a Word document to take advantage of a buffer exploit (e.g. the JPEG scare a while back which turned out to be a bit of a damp squib).
  
  However as your recommended solution includes applying all the patches before playing with the data that should be an academic issue.
• Anonymous
  May 03, 2006
  Nik> Good point. The recent image rendering vulnerability would be a route in for malware assuming the approprate patches are missing.
  
  Thanks for contributing
• Anonymous
  May 10, 2006
  The comment has been removed
• Anonymous
  June 02, 2006
  The comment has been removed