The Inquirer-Home

Microsoft Word zero-day vulnerability found in the wild

Oh dang
Tue Mar 25 2014, 16:04

MICROSOFT HAS ADMITTED that a Word zero-day vulnerability exists and is being exploited in the wild, and has suggested how to avoid becoming a victim of it.

A TechNet security advisory explains that a vulnerability could expose a user's PC to remote code execution.

An attacker would have to send the victim an infected RTF file. A number of Microsoft Word versions are affected, including Microsoft Office for Mac and Microsoft Word 2003 Service Pack 3, and Microsoft said that it is aware of limited, targeted attacks directed at Microsoft Word 2010.

"An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights," said Microsoft.

"Applying the Microsoft Fix it solution, 'Disable opening RTF content in Microsoft Word,' prevents the exploitation of this issue through Microsoft Word."

Microsoft said that it is still looking into the remote code execution vulnerability, and will take "appropriate action" when it decides what that action is.

"On completion of investigation for this vulnerability, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs," it said.

Wolfgang Kandek, CTO at security firm Qualys, seconded the suggestion to disable opening RTF content, and added the tip that people should use plain text in emails. He added that this is "generally a recommended safeguard that prevents the 'drive-by' character of these types of attacks".

Until a patch is released, you should follow the workaround. µ

 
