• No events
AEC v1.0.4

Cyber Security Info

Zero-day vulnerability of Microsoft Word being used for targeted attacks

March 25, 2014

Share Button

Microsoft has warned that Microsoft Word suffers from a zero-day vulnerability that has already been used for targeted attacks. The attacker utilized specially crafted RTF file that allowed remote code execution under current user’s privileges. The attacks utilizing this vulnerability have been used only against MS Word 2010 but it affects all MS Word, MS WebApps and Word Viewer versions since 2003. The vulnerability may also affect MS Outlook in case it uses Word as e-mail viewer. Microsoft has published a fix-it solution that disables opening RTF files in MS Word.

Share Button