Microsoft Word zero day exploit discovered. How to protect your system.

Posted: March 27, 2014 in Security
Tags: , , , , ,

Chuck Talking Tech / by Chuck Bienenfeld

March 27, 2014, 2014

Microsoft announced on March 24, 2014 in a Microsoft Security Advisory (link: 2953095) that they discovered a vulnerability affecting supported version of Microsoft Word.  This exploit could allow a malicious user remote access to the effected system with the same user rights as the current user.

The exploit can affect a system as a result of a user opening a specially crafted RTF (Rich Text Format) file or previews/opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word (2007, 2010 or 2013) as the email viewer.  These files have a .rtf extension or appear with an RTF icon.  Many users have setup their Microsoft Outlook default email format option to use this type of file formatting.

As per the advisory a user can protect their system from the exploit while they wait for a patch by:

Applying the Microsoft Fix it solution, “Disable opening RTF content in Microsoft Word,” prevents the exploitation of this issue through Microsoft Word. See the Suggested Actions section of this advisory for more information.

The temporary workaround can be found on the Microsoft Security Advisory in the Suggested Actions~Workarounds section.  They you will find links to the knowledge base article 2953095 which contains links to Microsoft’s automated “Fix it” tool.

Microsoft also stated that:

On completion of investigation for this vulnerability, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

It is important to reiterate that the exploit provides the remote user with the same user rights as the user.  Please see the blog post entitled “Best Way to Protect Yourself from Window’s Exploits is you”.  This post talks about the importance of use standard or limited user accounts to avoid over 92% of the Window’s exploits

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s