Critical Vulnerability in Microsoft office
A critical vulnerability have been found in Microsoft office in the way they handle RTF by which an attacker can remotely execute arbitrary code on the victim’s computer. But attacks are still popping up in the wild, reports GCN. Even this attack has not been extensive so far, but there can be chances to increase in attacks since the sample of this exploit is publicly available on internet, reported by Microsoft. This exploit effects office XP and office 2003 SP3, office 2007 SP2. And office 2010 (both the 32-bit and 64-bit), and it is exploited using a crafted RTF file that holds a size parameter bigger than expected. Once inside the attacker may execute malicious shellcode, which then downloads other malware. After this the attacker may be able to get complete access over victim’s computer and attacker may be able to install programs, view files delete files etc, reported by Microsoft and the patch for this vulnerability will be available soon. But even if the computer is patched, the users are not completely safe. Since this flaw is present in office software, Outlook could also use to automatically load a similar modified RTF –email message.
How to secure yourself from this exploit?
The answer is by setting up Outlook to read plain text formats and blocking the opening of RTF documents from unknown sources by using office File block.
No comments:
Post a Comment