
Specially Crafted RTF Files Could Allow Remote Code Execution When Opened With Microsoft Word

Question asked by Satya Swaroop Dash in #Gadgets on Mar 25, 2014
Microsoft has released an advisory warning Microsoft Office users about a vulnerability in Microsoft Word that potentially allows attackers to remotely execute malicious code via a specially crafted Rich Text Format (RTF) file. The “Word RTF Memory Corruption Vulnerability” was first discovered by Drew Hintz, Shane Huntley, and Matty Pellegrino of the Google Security Team, who then reported their findings to Microsoft. According to their reports, this vulnerability affects users who open the specially crafted RTF file using an affected version of Microsoft Word or preview the file in Microsoft Outlook (Microsoft Word is the default file viewer for RTF files). When Microsoft Word parses the RTF file, system memory becomes corrupted in such a manner that an attacker is then free to execute arbitrary code and gain the same user rights as the current user. Currently, several versions of Word, such as Word 2003, 2007, 2010 and 2013, along with Microsoft Office for Mac 2011 and multiple versions of Microsoft SharePoint Server, are vulnerable to this attack.


While Microsoft has not exactly stated why these attacks are being carried out or by whom, Ars Technica has deduced that these attacks are not random large-scale attacks but are meant for specific individuals or institutions, since Microsoft has used the term “targeted attacks” in its advisory. Microsoft says that it is currently investigating the situation and will release a fix either in its monthly security patches or as an out-of-cycle security update. In the meantime, it has advised users to download and apply the Microsoft Fix it, which disables RTF content from opening in Microsoft Word.
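Since the exposure described above includes simply previewing a message in Outlook, a mail gateway or triage script can flag RTF content before it reaches Word. The following is an added example, not part of the original post or of Microsoft's advisory: it identifies RTF parts by their leading `{\rtf` signature instead of trusting the file name or declared MIME type. The function names and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

RTF_MAGIC = b"{\\rtf"  # signature at the start of a well-formed RTF document
RTF_TYPES = ("application/rtf", "text/rtf")

def looks_like_rtf(data: bytes) -> bool:
    """True if the payload starts with the RTF signature (BOM/leading whitespace skipped)."""
    head = data[:64]
    if head.startswith(b"\xef\xbb\xbf"):
        head = head[3:]
    return head.lstrip().startswith(RTF_MAGIC)

def find_rtf_parts(raw_message: bytes):
    """Return (filename, declared_type, mislabelled) for each MIME part holding RTF."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        if not looks_like_rtf(payload):
            continue
        name = part.get_filename() or "(no filename)"
        ctype = part.get_content_type()
        # RTF content under another name or type deserves extra attention.
        mislabelled = not (name.lower().endswith(".rtf") or ctype in RTF_TYPES)
        hits.append((name, ctype, mislabelled))
    return hits

def build_sample_message() -> bytes:
    """Constructed test message: benign RTF under two names, plus a non-RTF file."""
    benign_rtf = b"{\\rtf1\\ansi Hello}"
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = "Quarterly report"
    m.set_content("See attached.")
    m.add_attachment(benign_rtf, maintype="application", subtype="rtf", filename="notes.rtf")
    m.add_attachment(benign_rtf, maintype="application", subtype="msword", filename="report.doc")
    m.add_attachment(b"%PDF-1.4\n", maintype="application", subtype="pdf", filename="invoice.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    for name, ctype, mislabelled in find_rtf_parts(build_sample_message()):
        print(f"RTF content: {name} ({ctype}) mislabelled={mislabelled}")
```

Parts flagged this way can be held or stripped at the gateway until the vendor fix is installed.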
