January 4, 2011, 1:05PM

Facing Attacks on RTF Hole, Microsoft Urges Office Users To Patch

The Microsoft Malware Protection Center has urged users of its Office suite to apply a security update, MS10-087, released last November. The company says it has become aware of attacks circulating on the Internet that exploit the hole in Office applications.

The security hole affects features that allow Microsoft Office applications to parse different file formats. The vulnerability, ‘RTF Stack Buffer Overflow Vulnerability,’ can be triggered in Microsoft Word with a specially formatted RTF (Rich Text Format) file. Microsoft says it has evidence of specially crafted RTF files circulating in the wild that attempt to trigger the vulnerability, according to a post on the Microsoft Malware Protection Center blog.

In overflow attacks, attackers are able to gain access to areas of a vulnerable machine's memory beyond what has been allocated for a particular job. That allows malicious code to be copied to unprotected areas of a victim's system and run, disrupting the operation of the machine or allowing the attacker to install their own code on the system.

In the wild, Microsoft found emails with files titled ‘Bilawar Bhutto Sex Scandal’ and ‘New Year’s Greeting Card.’ While the company isn't speculating on the origin or intended targets of the attacks, both the files themselves and their names were written in Russian.

In addition to installing the MS10-087 upgrade, the Microsoft Malware Protection team recommends enabling the firewall, using up-to-date anti-virus software, limiting user privileges and using strong passwords on your computer, as well as using caution when opening file attachments, accepting file transfers, and linking to unfamiliar websites.

Copyright © 2012 threatpost.com