Latest: Digital For Tech News Click Here

Wednesday, 26 March 2014

Microsoft Word Zero-Day Vulnerability is being exploited in the Wild

place Google AdSense code here

Microsoft Word Zero-Day Vulnerability is being exploited in the Wild

Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the Google security team. “At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010…” company said.According to Microsoft's security advisory, Microsoft Word is vulnerable to  a remote code execution vulnerability (CVE-2014-1761) that can be exploited by a specially crafted Rich Text Format (RTF).An Attacker can simply infect the victim's system with malware if a user opens a malicious Rich Text Format (RTF), or merely preview the message in Microsoft Outlook."The issue is caused when Microsoft Word parses specially crafted RTF-formatted data causing system memory to become corrupted in such a way that an attacker could execute arbitrary code."Microsoft acknowledged that remote code execution flaw also exists in Microsoft Word 2003, 2007, 2013, Word Viewer and Office for Mac 2011.Microsoft is working on an official patch, which will be released with the next Patch Tuesday security updates on April 8.But in the meantime, Windows users can use temporary 'Fix It' tool to patch this vulnerability and also can install Enhanced Mitigation Experience Toolkit (EMET) tool that can mitigate this vulnerability.Do not download .RTF files from the suspicious websites, and do not open or preview .RTF email attachments from strangers.Follow me on Google+, Twitter or Facebook or Contact via Email.

0 comments: Post Yours! Read Comment Policy ▼
We have Zero Tolerance to Spam. Chessy Comments and Comments with Links will be deleted immediately upon our review.

Post a Comment

Copyright © 2013 MyBloggerBlog Template All Right Reserved
Designed by MyBloggerBlog | Powered by Blogger