Malicious .rtf file exploits MS Office flaw
A stack-based buffer overflow vulnerability in Microsoft Office has recently been spotted being exploited in the wild by attackers aiming at getting control of targeted systems.
The flaw has been patched and the patch issued by Microsoft back in November, but the attackers clearly count on those users that don’t keep their software up-to-date and don’t have the habit of patching it regularly.
The attack is initiated by a specially crafted, malicious .rtf file that aim at crashing Microsoft Word in order to be able to inject a Trojan into the system. Trend Micro researcher Karl Dominguez is especially worried by the possibility of an attacker sending an RTF email to potential victims.
“Since Microsoft Outlook uses Word to handle email messages, the mere act of opening or viewing specially crafted messages in the reading pane may cause the exploit code to execute,” he says.
Coincidentally, Microsoft has also recently announced that it will be incorporating the File Validation feature offered in Office 2010 into Office 2007 and 2003. “This feature verifies the contents of .doc, .xls, .ppt and .pub files as they are being read, and if it detects an issue, display a warning informing the user that there is a potential issue with the file,” they say.