Hacker News

mlyle, yesterday at 1:39 AM (4 replies)

The trick depends upon different implementations doing different things. Not likely for Word (though I suppose it is -possible- across different versions or different OSes).


Replies

hnlmorg, yesterday at 10:50 AM

It’s very common for organisations to only give expensive MS Office licenses to a subset of employees while the rest rely on O365 or Google Docs.

Then you have people on Linux or macOS who might also use LibreOffice, Apple's Office suite, or something else entirely.

And given MS Office is the de facto standard, you’ll often see people open OOXML documents within non-MS office suites.

After all, OOXML is an open standard (sarcasm).

ODF (the document formats favoured by most other office suites) is also ZIP-based XML. So they too could be vulnerable.

netsharc, yesterday at 3:08 AM

To respond to the grandfather comment: modern Office files are really just ZIPs with different extensions; they even have the magic string "PK" at the very beginning of the file.

I do wonder, since a lot of tools outside of the MS ecosystem can read Office files (e.g. LibreOffice and Google Docs as well as plenty of other online tools), if indeed the hack as described by the article is possible. One would just need to figure out the ZIP stacks used by said tools.

sltkr, yesterday at 5:50 PM

docx is supposed to be a portable format. There are many tools other than Word that open them. Just LibreOffice and Google Docs for example. They might well differ from Word or from each other in how they handle this case. Definitely worth testing!

larschdk, yesterday at 8:10 AM

The Office365 online and desktop implementations of zip could be different.
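
An added example, not code from any commenter or from the article under discussion: a defensive pre-check that flags ZIP-based documents (.docx, .odt) whose container structure different readers may resolve differently. The thread does not say which ambiguity the article uses, so the checks here (duplicate entry names, local versus central directory name mismatch, extra end-of-central-directory signatures) are assumptions, and `audit_container` and `build_sample` are hypothetical names.

```python
import io
import struct
import warnings
import zipfile

LFH_SIG = b"PK\x03\x04"   # local file header: the "PK" magic at offset 0
EOCD_SIG = b"PK\x05\x06"  # end-of-central-directory record

def audit_container(data: bytes) -> list[str]:
    """List structural ambiguities that ZIP readers may resolve differently."""
    findings = []
    if not data.startswith(LFH_SIG):
        findings.append("does not start with a PK local file header")
    if data.count(EOCD_SIG) > 1:  # heuristic: can also match stored payload bytes
        findings.append("more than one end-of-central-directory signature")
    try:
        entries = zipfile.ZipFile(io.BytesIO(data)).infolist()
    except zipfile.BadZipFile as exc:
        return findings + [f"unreadable as ZIP: {exc}"]
    seen = set()
    for info in entries:
        if info.filename in seen:
            findings.append(f"duplicate entry name: {info.filename}")
        seen.add(info.filename)
        # The name is stored twice: in the central directory and the local header.
        hdr = data[info.header_offset:info.header_offset + 30]
        if len(hdr) < 30 or hdr[:4] != LFH_SIG:
            findings.append(f"no local header for: {info.filename}")
            continue
        (name_len,) = struct.unpack("<H", hdr[26:28])
        start = info.header_offset + 30
        enc = "utf-8" if info.flag_bits & 0x800 else "cp437"
        local = data[start:start + name_len].decode(enc, "replace")
        if local != info.orig_filename:
            findings.append(f"local/central name mismatch: {info.filename}")
    return findings

def build_sample(duplicate: bool) -> bytes:
    """Constructed .docx-like container for the demo; not a real document."""
    buf = io.BytesIO()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore")  # zipfile warns on duplicate names
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(zipfile.ZipInfo("[Content_Types].xml"), b"<Types/>")
            zf.writestr(zipfile.ZipInfo("word/document.xml"), b"<a/>")
            if duplicate:
                zf.writestr(zipfile.ZipInfo("word/document.xml"), b"<b/>")
    return buf.getvalue()

if __name__ == "__main__":
    for dup in (False, True):
        print(dup, audit_container(build_sample(dup)))
```

A non-empty result means the file should be normalized (re-packed by one trusted reader) or rejected before other tools open it; an empty result does not prove that all readers agree.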