Microsoft zero day affecting Word, Outlook present in preview mode

A new zero-day attack affecting versions of Word and Outlook uses remote code execution to gain user-level rights with a malicious RTF file.

Microsoft kicked off a new work week by announcing that a zero-day exploit affecting versions of Word and Outlook has been found in the wild.

In a security advisory released Monday, the Redmond, Wash.-based vendor detailed that the Microsoft zero-day attack uses a rich text format (RTF) file. If opened or previewed in certain versions of Word or Outlook, an attacker could gain the same user rights as the current system user.

To date, the software giant said it has seen "limited targeted attacks" against only Word 2010, but said in its advisory that the issue also exists in Word 2003, 2007, 2013, Word Viewer and Office for Mac 2011.

Microsoft has yet to release a software patch for the affected applications, but it did release a temporary Fix-It workaround that prevents Word from opening RTF files and thus mitigates such an attack.

The company said that when the permanent patch is available, it may be released as an out-of-cycle patch or as part of its monthly Patch Tuesday release cycle.

Its next scheduled patch release date, April 8, 2014, is the final Patch Tuesday in which Microsoft will make new updates available for Windows XP. Microsoft recommended all XP users upgrade to a newer operating system with better built-in security protections.


1 comment


Microsoft released a temporary 'Fix it' workaround that could block the attack by blocking rendering of the vulnerable TIFF graphic format by way of a registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Gdiplus\DisableTIFFCodec = 1