Microsoft RTF exploit: be careful

Today brings us (yet) another Microsoft vulnerability, one that lets attackers take control of your computer when you simply open an email attachment. Microsoft announced the issue today (Monday, 2014/03/24).

RTF (Rich Text Format) is a low-overhead file format for exchanging documents between various word processing applications, and sometimes in email.

RTF files are not very common, but be wary of them should they appear in your email. Of course, Outlook may well render the document "for" you before you realize it's even there as an attachment, in which case - too late - someone else controls your computer.
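As a mail-side check for the advice above, this added example (not from the original post or from Microsoft) flags message parts that are RTF by content as well as by label, because Word picks the parser from the file's content, so an RTF body can arrive under a .doc name. The sample message, addresses and file names are constructed, and matching the short `{\rt` prefix is an assumption chosen to be conservative.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumption: match the short prefix "{\rt" rather than "{\rtf1" so that
# slightly malformed headers a lenient parser might accept are still caught.
RTF_PREFIX = b"{\\rt"
RTF_TYPES = {"application/rtf", "text/rtf"}


def build_sample() -> bytes:
    """Constructed, harmless message: RTF content attached as report.doc."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    msg.add_attachment(b"{\\rtf1\\ansi Hello}", maintype="application",
                       subtype="msword", filename="report.doc")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    return msg.as_bytes()


def find_rtf_parts(raw: bytes):
    """Return (filename, declared type, matched_by_content) per RTF part."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        # Ignore a UTF-8 BOM and leading whitespace before the header.
        head = payload.lstrip(b"\xef\xbb\xbf \t\r\n")[:8].lower()
        by_content = head.startswith(RTF_PREFIX)
        name = part.get_filename() or ""
        ctype = part.get_content_type()
        by_label = name.lower().endswith(".rtf") or ctype in RTF_TYPES
        if by_content or by_label:
            hits.append((name or "(inline)", ctype, by_content))
    return hits


if __name__ == "__main__":
    for name, ctype, by_content in find_rtf_parts(build_sample()):
        reason = "content" if by_content else "label only"
        print(f"RTF part: {name} ({ctype}), matched by {reason}")
```

A gateway or mailbox rule built on this would quarantine or strip the flagged parts until the workaround or a patch is in place.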

Firstly, from our own aggregation sidebar, Brian Krebs has the story, with a link to a temporary work-around:

Microsoft said the exploits it has seen so far attacking this vulnerability have targeted Word 2010 users, but according to Microsoft’s advisory the flaw is also present in Word 2003, 2007, 2013, Word Viewer and Office for Mac 2011.

Ars Technica has a write-up, as does The Register, which reports:

Drew Hintz, Shane Huntley, and Matty Pellegrino of the Google Security Team reported the Word RTF memory-corruption flaw to Microsoft; the bug was assigned CVE-2014-1761 on January 31.

One particularly nasty part of the flaw is that it can be triggered if a specially crafted RTF document attached to an email is previewed in Outlook. Alternatively, "an attacker could host a website that contains a webpage that contains a specially crafted RTF file that is used to attempt to exploit this vulnerability," Microsoft explained.

Might be worthwhile to look at an alternate office product.

This seems to be related to an exploit from 2009: