New Microsoft Word Vulnerability

Microsoft is investigating a new remote code execution vulnerability in Microsoft Word. Microsoft has issued a security advisory after confirming reports that the flaw is being exploited as part of targeted attacks against Word 2010.

Microsoft has found that the vulnerability affects all supported versions of Microsoft Word. The flaw in question makes remote code execution possible if you open a specially crafted RTF file using an affected version of Word, as well as if you preview or open a specially crafted RTF email message in Outlook while using Word as the email viewer. Doing either could allow the attacker to gain the same user rights you have.

While there is no patch as yet, Microsoft is offering the following workarounds.

  • Apply the Microsoft Fix it solution “Disable opening RTF content in Microsoft Word.” This temporary fix configures the Microsoft Office File Block policy to prevent the opening of RTF files in supported versions of Microsoft Word.
  • Read emails in plain text: To help protect yourself from the email attack vector, read email messages in plain text format. Outlook 2003, Outlook 2007, Outlook 2010, and Outlook 2013 all provide such an option.
  • Use Microsoft Office File Block policy to prevent the opening of RTF files in Word 2007, Word 2010, and Word 2013.

The first option can be enabled and disabled on the fly. The second and third options require a bit more effort. Still, all are valid until a patch is available to plug the security hole for good.
