Microsoft Word Zero Day Targeted and Exploited
Targeted attacks have been spotted by Google’s security team actively exploiting a zero day in Microsoft Word 2010.
Microsoft’s security advisory stated that Microsoft Word’s zero day is vulnerable by a remote code execution vulnerability (CVE-2014-1761), that can be exploited by the Rich Text Format (RTF) files. “The issue is caused when Microsoft Word parses specially crafted RTF-formatted data causing system memory to become corrupted in such a way that an attacker could execute arbitrary code.”
A malicious hacker could infect a user with malware by exploiting an email or rich text format document with the zero day vulnerability. Once a user opens the email in outlook, or opens the document, malware infects the users system immediately.
While attacks identified were targeting Microsoft Word 2010, Microsoft has also noted the zero day vulnerability/execution flaw exists inside Microsoft Word 2003, 2007, 2013, Microsoft Word Viewer, and Microsoft Office 2011 for Mac.
Microsoft has acknowledged an official patch for the exploit will be released April 8, 2014 (also the end date for Windows XP support). For those using Microsoft Word 2010 or any of the noted versions above, Microsoft has issued a one click fix it tool. The fix it tool disables RTF content from opening in Word, Microsoft said.
Do not download or open any shady .RTF files from any website or stranger. The Microsoft Word zero day affects email too. This zero day was announced on the 24th.