Wednesday, March 26, 2014

Microsoft Word RTF Security Flaw

Jack Clark:

Opening a poisoned Rich Text File (RTF) document allows the attacker to hijack the PC with the same privileges as the logged-in user.

[…]

Microsoft Word 2003, 2007, 2010, 2013, and Office for Mac 2011 are vulnerable, according to Redmond. Microsoft Office Web Apps, Automation Services on SharePoint Server 2010 and 20103, and Outlook 2007, 2010 and 2013 when using Word as the email viewer, are also affected.

1 Comment RSS · Twitter

One of the things I love about OS X is that I nice system provided reader tools so I haven't had to open up a unknown-sourced pdf in Acrobat or an unknown-sourced word processor document in Word for so long.

Both of those apps are very nice content creation apps, but insanely bad reader apps when directed towards the internet connected world.

Leave a Comment