Do not open or preview any .RTF email attachments from strangers or suspicious websites – they could be part of a malicious attack. Microsoft today announced an unpatched zero-day vulnerability in Microsoft Word 2010 that is being actively exploited by attackers.
A zero-day attack is an attack that exploits a previously unknown vulnerability in a computer application, one that developers have had no time to address and patch.
Explaining the vulnerability, Microsoft says that attackers send Rich Text Format (.RTF) files via email to execute malicious code, gain remote access to your PC, steal files and monitor your activities.
Previewing or downloading these crafted and targeted .RTF files using an affected version of Microsoft Word could allow attackers to execute code remotely. Customers whose accounts have administrative rights are affected more than those whose accounts have fewer rights on the system.
How to avoid this Zero Day Threat
- Disable opening RTF content in Microsoft Word
- Change your Outlook settings to preview mail attachments in plain text.
- Do not open, preview or download any .RTF email attachments from strangers or suspicious websites.
While the attacks are reportedly targeting Word 2010, other affected software includes:
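For mail administrators, the last item can be backed by a gateway-side check. The following is an added example, not part of Microsoft's guidance: it flags attachments whose content is RTF even when the file name says otherwise, since Word recognises RTF by its content rather than by the extension. The function names and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

RTF_MAGIC = b"{\\rtf"  # header an RTF document starts with

def is_rtf(payload: bytes) -> bool:
    """True if the bytes look like RTF, whatever the file is called."""
    # Assumption: tolerate leading whitespace before the header.
    return payload[:64].lstrip().startswith(RTF_MAGIC)

def find_rtf_attachments(raw_message: bytes):
    """Return (filename, declared type, reason) for each RTF-related part."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        ctype = part.get_content_type()
        data = part.get_payload(decode=True) or b""
        named_rtf = name.lower().endswith(".rtf")
        if is_rtf(data):
            reason = "rtf" if named_rtf else "rtf content under another name"
            hits.append((name, ctype, reason))
        elif named_rtf or ctype in ("application/rtf", "text/rtf"):
            hits.append((name, ctype, "declared as rtf"))
    return hits

def build_sample() -> bytes:
    """Constructed message with benign RTF bodies, one disguised as .doc."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attachments.")
    benign_rtf = b"{\\rtf1\\ansi Hello}"
    msg.add_attachment(benign_rtf, maintype="application",
                       subtype="rtf", filename="notes.rtf")
    msg.add_attachment(benign_rtf, maintype="application",
                       subtype="msword", filename="invoice.doc")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="report.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for hit in find_rtf_attachments(build_sample()):
        print(hit)
```

A gateway would quarantine or strip the flagged parts until a patch is installed; the disguised `invoice.doc` is the case an extension-only filter misses.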
- Microsoft Word 2003 Service Pack 3
- Microsoft Word 2007 Service Pack 3
- Microsoft Word 2010 Service Pack 1 (32-bit editions)
- Microsoft Word 2010 Service Pack 2 (32-bit editions)
- Microsoft Word 2010 Service Pack 1 (64-bit editions)
- Microsoft Word 2010 Service Pack 2 (64-bit editions)
- Microsoft Word 2013 (32-bit editions)
- Microsoft Word 2013 (64-bit editions)
- Microsoft Word 2013 RT
- Microsoft Word Viewer
- Microsoft Office Compatibility Pack Service Pack 3
- Microsoft Office for Mac 2011
- Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 1
- Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
- Word Automation Services on Microsoft SharePoint Server 2013
- Microsoft Office Web Apps 2010 Service Pack 1
- Microsoft Office Web Apps 2010 Service Pack 2
- Microsoft Office Web Apps Server 2013
Microsoft Active Protections Program (MAPP) executives are actively investigating the vulnerability to provide additional protections to customers. The company may soon provide protection through a monthly security update release.
Meanwhile, Microsoft suggests that users follow the guidance in the Microsoft Safety & Security Center: enable a firewall, apply all software updates, and install antimalware software.