Results 1 to 4 of 4
  1. #1
    Star Lounger pseudoid's Avatar
    Join Date
    Feb 2011
    Posts
    98
    Thanks
    15
    Thanked 12 Times in 6 Posts

    Office (Word via Outlook) RTF Exploit

    This is not a post April's Fool joke.
    Opening an email message can expose ("Remote Code Exucution") Microsoft Outlook users to hijackers even if they don’t open any file attachments.
    If an email is sent in RTF (Rich Text Format) and if Microsoft Word is the default viewer for RTF files, then an email can be coded to give its sender the same user privileges as the user of the viewing device.
    Microsoft is working on a patch for Word (versions 2003 and higher are affected).
    In the meantime, the company is offering this FixIt solution that disables reading of RTF files.
    Find the interim "FixIT" solution here >> https://support.microsoft.com/kb/2953095

  2. #2
    5 Star Lounger
    Join Date
    Mar 2014
    Posts
    699
    Thanks
    0
    Thanked 65 Times in 64 Posts
    It may not apply to all versions of Word, tried it on my 64-bit 2010 version okay but it gave a message that it didn't apply to my 64-bit 2013 version.

  3. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,915
    Thanks
    91
    Thanked 356 Times in 320 Posts
    This was discussed here 10 days ago; Microsoft reveals zero-day attacks against Word

    And highlighted in the newsletter Patch Watch last week: MS releases fixit for new Word vulnerability

    Bruce

  4. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    20,656
    Thanks
    2
    Thanked 635 Times in 568 Posts
    If there is any further discussion please post in the original thread linked in post #3.

    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •