Project Hyphae
Search

Microsoft Word Vulnerability Goes Public, Users Wondering If a ‘RTF’ Means ‘Risky Text File’

Share This Post

A proof-of-concept (PoC) for a critical vulnerability in Microsoft Word that allows remote code execution has been published. Assigned a severity score of 9.8 out of 10, the vulnerability was addressed in the February Patch Tuesday security updates, but workarounds also exist. Security researcher Joshua Drake discovered the vulnerability and sent Microsoft a technical advisory containing PoC code showing that the issue is exploitable. A remote attacker could potentially use the vulnerability to execute code with the same privileges as the victim that opens a malicious .RTF document. Microsoft warns that users don’t have to open a malicious RTF document and simply loading the file in the Preview Pane is enough for the compromise to start. The vulnerability has not yet been exploited in the wild, but users are urged to install the security update from Microsoft as the safest way to deal with the issue. If the security update cannot be applied some mitigations are available in the links below:

https://www.picussecurity.com/resource/blog/cve-2023-21716-microsoft-word-remote-code-execution-exploit-explained

https://www.bleepingcomputer.com/news/security/proof-of-concept-released-for-critical-microsoft-word-rce-bug/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21716

.



Reach out to our incident response team for help

More To Explore

Information Security News 6-10-2024

Frontier Warns 750,000 of a Data Breach After Extortion Threats Article Link: https://www.bleepingcomputer.com/news/security/frontier-warns-750-000-of-a-data-breach-after-extorted-by-ransomhub ‘Fog’ Ransomware Rolls in to Target Education, Recreation Sectors Article Link: https://www.darkreading.com/threat-intelligence/fog-ransomware-rolls-in-to-target-education-recreation-sectors

Information Security News 6-3-2024

Snowflake Data Breach Impacts Ticketmaster, Other Organizations Article Link: https://www.securityweek.com/snowflake-hack-impacts-ticketmaster-other-organizations/ 2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx Article Link: https://www.securityweek.com/2-8-million-impacted-by-data-breach-at-prescription-services-firm-sav-rx/ LastPass

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.