04 Jan 2011

Microsoft Word RTF docs vulnerable to malware

Microsoft recently had to remind users to update Microsoft Office to close a hole in the software’s handling of RTF documents. According to the company, malware that threatens these documents has recently emerged.

“The vulnerability can be triggered by utilizing a specially crafted RTF file with a size parameter that is bigger than the expected one,” Microsoft said in a blog post. “The vulnerability is present in Microsoft Word. It attempts to copy RTF data to the stack memory without validating the size, which will lead to overwriting the stack.”
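The missing size validation described in the quote, shown as an added example (not Microsoft's code and not the real RTF layout). The record format, buffer capacity, function names and sample bytes are all constructed for illustration: a 2-byte little-endian declared size followed by the payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PROP_BUF_MAX 16 /* assumed capacity of the fixed stack buffer */

enum { COPY_OK = 0, COPY_TRUNCATED_INPUT = -1, COPY_SIZE_TOO_LARGE = -2 };

/* Constructed sample records (hypothetical format, not RTF). */
static const uint8_t SAMPLE_OK[]       = {0x04, 0x00, 'a', 'b', 'c', 'd'};
static const uint8_t SAMPLE_OVERSIZE[] = {0x40, 0x00, 'a', 'b', 'c', 'd'};
static const uint8_t SAMPLE_SHORT[]    = {0x08, 0x00, 'a', 'b'};

/* The flawed pattern trusts the file's own size field:
 *     memcpy(dst, rec + 2, declared);
 * The hardened copy below checks that field against both the destination
 * capacity and the bytes actually present before copying anything. */
int copy_property(const uint8_t *rec, size_t rec_len,
                  uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (rec_len < 2)
        return COPY_TRUNCATED_INPUT;          /* no room for the size field */
    size_t declared = (size_t)rec[0] | ((size_t)rec[1] << 8);
    if (declared > dst_cap)
        return COPY_SIZE_TOO_LARGE;           /* would overwrite the stack */
    if (declared > rec_len - 2)
        return COPY_TRUNCATED_INPUT;          /* would read past the input */
    memcpy(dst, rec + 2, declared);
    *out_len = declared;
    return COPY_OK;
}

/* Parses one record into a stack buffer; returns bytes copied or an error. */
int parse_sample(const uint8_t *rec, size_t rec_len)
{
    uint8_t buf[PROP_BUF_MAX];
    size_t n = 0;
    int rc = copy_property(rec, rec_len, buf, sizeof buf, &n);
    return rc == COPY_OK ? (int)n : rc;
}

int main(void)
{
    printf("ok=%d oversize=%d short=%d\n",
           parse_sample(SAMPLE_OK, sizeof SAMPLE_OK),
           parse_sample(SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE),
           parse_sample(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    return 0;
}
```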

The malware was discovered in most versions of Microsoft Word, including Word 2010. Microsoft released patches for all Windows versions of Word, as well as Word 2011 for Macs. “We recommend customers that have not yet installed the security update MS10-087 to do so at their earliest convenience,” Microsoft said.

According to Microsoft, the malware allows attackers to “gain user rights as a local user,” meaning the severity of an attack would vary depending on the user’s account configuration.

The problem was originally patched in November 2010, when Microsoft launched a wide variety of security updates. However, Microsoft’s security team has since found additional holes.