Microsoft has issued a critical patch for a vulnerability affecting Microsoft Office and WordPad. The vulnerability allows Rich Text Format (RTF) documents to run scripts when opened.   Malicious email campaigns using this vulnerability to install the Dridex banking trojan and other malware have been reported.

 

Recommended Actions:

  • Apply the relevant Microsoft patches as soon as possible to all Windows machines.
  • Do not open attached documents from unknown sources.

 

Additional Details:

  • It has been reported that having Protected View enabled in MS Office prevents the exploits from working, however there are known bypasses; Protected View should not be relied upon as adequate mitigation.
  • The vulnerability does not affect Microsoft Office on Mac OS X.

 

References:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199

eSentire Media Contacts

Mandy Bachus | eSentire | [email protected] | +1 519.651.2200 x5226 | @MandyBachus

Angela Tuzzo | MRB Public Relations | [email protected] | +1 732.758.1100 x105 | @MRB_PR

Ready to start the conversation about cybersecurity?
Talk to us today.
Let's Talk