Microsoft .rtf file exploit is like being murdered by a chipmunk

What's next, ASCII bombs?

The simplest thing in the IT universe other than an ASCII or .txt file is an .RTF, right? Almost as simple, almost as tiny, just as safe as .txt files, but you can do really radical things, like make text bold, italic, put in bullet lists, without involving functions rich or powerful enough that you even have to worry about attaching them to email or distributing them because there's almost no way you could pass along anything bad.

Apparently that's not true

Microsoft has admitted there was a bug that would allow serious attacks using .rtf files in a version of Word -- well, five base versions of Word covering 11 years, as well as the various special configurations and ports to other OSes going back 11 years. In fact, Microsoft mentioned something about an RTF exploit only six years ago. Apparently the fix didn't take.

Even more exciting, it's been spotted widely being used in the wild.

Microsoft put out information about the vulnerability Nov. 9, but is still updating, expanding and formally announcing it to get customers to install the patch that is supposed to fix it.

The bug allows attackers to launch stack overflows in Word and then download a Trojan horse that could be, basically, anything.

The flaw affects Word 2002, 2003, 2007 and 2010, but has not yet fixed it in Word 2004. There are one or two other Microsoft SKUs that are affected as well.

If you don't have machines update automatically and you don't know about this, you should take a look.

The bug could launch in an Outlook preview pane as well as in Word itself, but can be patched using the patch MS10-087.

Next week, how water can kill you even when you're not drowning in it.

Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies