Security Vulnerability Found in Microsoft Word 2010
On Monday, March 24, 2014, Microsoft announced a security vulnerability in Microsoft Word. Attackers can use booby-trapped documents in Rich Text Format (RTF) to gain remote access to a user’s system. This means that the attacker has the ability to access a user’s computer (and in this case, Outlook emails) from another location. Attackers can also use this remote access to execute malicious code on a user’s computer and take complete control of an affected system.
Microsoft Word 2010 is the most affected version, but similar attacks can occur in other versions of Word, including 2003, 2007, and 2013, in Microsoft Office for Mac 2011, and in multiple versions of SharePoint Server. Through these attacks, attackers gain the same privileges as the user who is currently logged in, including in Outlook.
“At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Applying the Microsoft Fix it solution, “Disable opening RTF content in Microsoft Word,” prevents the exploitation of this issue through Microsoft Word.”
Microsoft is currently attempting to remedy the situation. They state that they will take the “appropriate action to protect customers.” This may include providing a solution through the monthly security updates or through an out-of-cycle security update, depending on customer needs. Microsoft’s blog states: “We are actively working with partners in our Microsoft Active Protections Program (MAPP) to offer information that they can use to provide additional protections to customers.”
Meanwhile, Microsoft has released a temporary Fix it solution that disables the opening of RTF content in Word. As the advisory notes, this prevents exploitation of the issue through Microsoft Word itself, including RTF email messages previewed in Outlook when Word is the email viewer.