Project Hyphae

Microsoft Word Vulnerability Goes Public, Users Wondering If a ‘RTF’ Means ‘Risky Text File’

Share This Post

A proof-of-concept (PoC) for a critical vulnerability in Microsoft Word that allows remote code execution has been published. Assigned a severity score of 9.8 out of 10, the vulnerability was addressed in the February Patch Tuesday security updates, but workarounds also exist. Security researcher Joshua Drake discovered the vulnerability and sent Microsoft a technical advisory containing PoC code showing that the issue is exploitable. A remote attacker could potentially use the vulnerability to execute code with the same privileges as the victim that opens a malicious .RTF document. Microsoft warns that users don’t have to open a malicious RTF document and simply loading the file in the Preview Pane is enough for the compromise to start. The vulnerability has not yet been exploited in the wild, but users are urged to install the security update from Microsoft as the safest way to deal with the issue. If the security update cannot be applied some mitigations are available in the links below:


Reach out to our incident response team for help

More To Explore

Information Security News 9-18-2023

Iranian Cyberspies Target Thousands of Organizations with Password Spray Attacks Article Link: Requests via Facebook Messenger Lead to Hijacked Business Accounts Article Link:

Information Security News 9-11-2023

University of Michigan Requires Password Resets After Cyberattack Article Link: Attackers Accessed UK Military Data Through High-Security Fencing Firm’s Windows 7 Rig Article Link:

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.