New Microsoft Word Zero-Day Used in Targeted Attacks

Oh goodie...

... is the bar open yet?

Microsoft warned on Monday of a remote code execution vulnerability (CVE-2014-1761) in Microsoft Word that is being actively exploited in targeted attacks directed at Microsoft Word 2010.

“The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer,” Microsoft explained in the advisory.

If successfully exploited, an attacker could gain the same user rights as the current user, Microsoft said, noting that users whose accounts are configured to have fewer user rights on the system could be less impacted than accounts with administrative privileges.

Read the rest of the article.

 

Last modified on Tuesday, 25 March 2014 15:34

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Snag-It 2018 - Best Screen Capture Tool - PERIOD!
    Written by

    Da Boss!

    Snag-It 2018 - Best Screen Capture Tool - PERIOD! Well, it's almost here but I was graced by the…
    Read more...
  • Windows 10 Fall Creators Update: Lots of small changes—and maybe the revolution
    Written by

    Da Boss!

    Windows 10 Fall Creators Update: Lots of small changes—and maybe the revolution Hopefully this one will go a little smoother than the…
    Read more...
  • VirtualBox 5.1.30
    Written by

    Da Boss!

    VirtualBox 5.1.30 If you are looking for a VM program\utility that can…
    Read more...
  • Microsoft employees can now work from tree houses
    Written by

    Da Boss!

    Microsoft employees can now work from tree houses Damn...can't seem to find my resume. How freaking cool would…
    Read more...
  • US CERT advisory: severe flaw in popular WiFi security protocol WPA2 leaves WiFi traffic open to eavesdropping, connection hijacking, and malicious injection
    Written by

    Da Boss!

    US CERT advisory: severe flaw in popular WiFi security protocol WPA2 leaves WiFi traffic open to eavesdropping, connection hijacking, and malicious injection And I haven't even finished my first cup of coffee…
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.