Microsoft warns of zero-day exploit Word




Microsoft has discovered that attackers exploit a vulnerability in Word 2007, 2010 and 2013. The vulnerability allows attackers to execute code on a system, which applies rechtenset same as that of the current user.

Office 2013 The attackers focus according to Microsoft at present mainly at users of Word 2010, but also users of 2007 and 2013 are vulnerable. It is a so-called zero-day exploit, which means that a security vulnerability for which no patch is being abused.

The vulnerability occurs when parsing data as RTF formatted. As a result, the memory is compromised and an attacker can run code. This is done with the rechtenset of the current user. In addition, other security problems in the operating system could be used in order to get it. Higher rechtenset

In practice, a Word document can be blocked to take. Unsuspecting Internet users to a web page This happens at a drive-by attack. A victim can also be accessed. Via e-mail Word is actually the default viewer for messages with RTF content.

Although there is still no patch, users can protect themselves by switching, so Word does not load. Example from the RTF display in emails is Also, the automatic loading of plug-ins are disabled to prevent. Drive-by attacks in web browsers

In: Technology & Gadgets Asked By: [18412 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »