Tuesday, March 25, 2014

Why We Do NOT Use MSFT Word


All versions of Microsoft Word, on both Mac and Windows, and several related programs such as the Word Viewer and Word Automation Services on Microsoft SharePoint Server are vulnerable, but the current attacks are directed at Microsoft Word 2010. Exploits such as these are often version-specific, and in a targeted attack, as this appears to be, the attacker may already know which version he needs to exploit.

Microsoft says that Microsoft Outlook could also be exploited with such an RTF file if Word is set as the viewer for Outlook. In the default configuration, Word is the viewer in Outlook 2007, 2010 and 2013.

Microsoft has issued a Knowledge Base article with a "Fix It" tool that works around the problem by disabling support for RTF. If you rely on Word for RTF files, this could be a problem.
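To judge how much the RTF workaround above would affect you, one option is to inventory files that are RTF by content, including ones saved under a `.doc` name, since Word recognizes RTF from the file's header rather than its extension. This is an added example, not code from the original post or from Microsoft; the function names, file names and sample bytes are constructed for illustration.

```python
import os

RTF_MAGIC = b"{\\rtf"                           # header that opens an RTF document
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # legacy binary .doc container
ZIP_MAGIC = b"PK\x03\x04"                       # .docx and other OOXML packages

def sniff(head: bytes) -> str:
    """Classify a file by its leading bytes, ignoring its name."""
    # Lenient on purpose: tolerate a UTF-8 BOM or whitespace before the header.
    head = head.lstrip(b"\xef\xbb\xbf").lstrip()
    if head.startswith(RTF_MAGIC):
        return "rtf"
    if head.startswith(OLE_MAGIC):
        return "ole-doc"
    if head.startswith(ZIP_MAGIC):
        return "ooxml-zip"
    return "other"

def triage(name: str, head: bytes) -> dict:
    """Record the content type and whether RTF hides behind another extension."""
    kind = sniff(head)
    ext = os.path.splitext(name)[1].lower()
    return {"name": name, "kind": kind,
            "disguised": kind == "rtf" and ext != ".rtf"}

def inventory(root: str) -> list:
    """Walk a directory tree and return a record for every RTF-by-content file."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    rec = triage(path, fh.read(64))
            except OSError:
                continue                        # unreadable file: skip it
            if rec["kind"] == "rtf":
                hits.append(rec)
    return hits

# Constructed samples standing in for mail attachments or files on a share.
SAMPLES = [("report.rtf", b"{\\rtf1\\ansi Hello}"),
           ("invoice.doc", b"\xef\xbb\xbf {\\rtf1\\ansi\\deff0 Total}"),
           ("legacy.doc", OLE_MAGIC + b"\x00" * 8),
           ("notes.docx", ZIP_MAGIC + b"\x14\x00"),
           ("readme.txt", b"plain text")]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(triage(name, data))
```

Records with `disguised` set are the ones an extension-based filter would miss; the total from `inventory()` shows how many documents would stop opening in Word once RTF support is disabled.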

A successful exploit would give the attacker control with the privileges of the user running Word, so running with standard user privileges could lessen the damage that an attacker could cause.

Microsoft also says that its Enhanced Mitigation Experience Toolkit (EMET) can mitigate this vulnerability.
