Results 1 to 4 of 4
  1. #1
    Star Lounger pseudoid's Avatar
    Join Date
    Feb 2011
    Posts
    99
    Thanks
    16
    Thanked 12 Times in 6 Posts

    Office (Word via Outlook) RTF Exploit

    This is not a post April's Fool joke.
    Opening an email message can expose ("Remote Code Exucution") Microsoft Outlook users to hijackers even if they donít open any file attachments.
    If an email is sent in RTF (Rich Text Format) and if Microsoft Word is the default viewer for RTF files, then an email can be coded to give its sender the same user privileges as the user of the viewing device.
    Microsoft is working on a patch for Word (versions 2003 and higher are affected).
    In the meantime, the company is offering this FixIt solution that disables reading of RTF files.
    Find the interim "FixIT" solution here >> https://support.microsoft.com/kb/2953095

  2. #2
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,072
    Thanks
    0
    Thanked 259 Times in 248 Posts
    It may not apply to all versions of Word, tried it on my 64-bit 2010 version okay but it gave a message that it didn't apply to my 64-bit 2013 version.

  3. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,745
    Thanks
    171
    Thanked 648 Times in 571 Posts
    This was discussed here 10 days ago; Microsoft reveals zero-day attacks against Word

    And highlighted in the newsletter Patch Watch last week: MS releases fixit for new Word vulnerability

    Bruce

  4. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,571
    Thanks
    5
    Thanked 1,056 Times in 925 Posts
    If there is any further discussion please post in the original thread linked in post #3.

    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •