
PoC for a major Microsoft Word RCE problem revealed

March 8, 2023

Over the weekend, a proof-of-concept for CVE-2023-21716, a severe vulnerability in Microsoft Word that permits remote code execution, was disclosed.

The vulnerability was given a severity score of 9.8 out of 10. Microsoft addressed it in the February Patch Tuesday security updates, along with a handful of workarounds.

The severity score is driven by the low attack complexity, together with the fact that no access privileges or user interaction are needed to exploit it.

Last year, security researcher Joshua Drake uncovered the vulnerability in Microsoft Office’s “wwlib.dll” and sent Microsoft a technical advisory with proof-of-concept (PoC) code demonstrating that the issue is exploitable.

A remote attacker can exploit the flaw to execute code with the same privileges as the victim who opens a malicious document in RTF format.

Sending the infected file to a target may be as simple as attaching it to an email, though there are several more options.

Microsoft warns that users do not even need to open a malicious RTF document: merely loading the file in the Preview Pane is enough to initiate the attack.

According to the researcher, the Microsoft Word RTF parser contains a heap corruption vulnerability that is triggered “when dealing with a font table (*\fonttbl*) containing an excessive number of fonts (*\f###*).”

After the memory corruption occurs, an attacker could exploit the problem by using a “well-constructed heap structure.”
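A defensive triage check built on that description, added here as an example (it is not from the researcher's advisory or from Microsoft): it walks each `\fonttbl` group of an RTF file and flags documents that define more fonts than a threshold. The threshold `MAX_FONTS`, the function names and the sample document are assumptions made for this example.

```python
import re

MAX_FONTS = 1000  # assumed triage threshold for this example; tune per environment

FONTTBL = re.compile(rb"\{\s*\\fonttbl(?![a-z])")   # start of a font table group
FONT_DEF = re.compile(rb"\\f(\d{1,10})")            # \f### font-number control word

# Constructed sample: three fonts, one with an escaped brace in its name,
# plus a \f1 in the body that must not be counted as a font definition.
SAMPLE = (rb"{\rtf1\ansi{\fonttbl{\f0\froman\fcharset0 Times New Roman;}"
          rb"{\f1\fswiss Odd\}Name;}{\f2\fmodern Courier New;}}"
          rb"\f1\fs24 Body text.}")


def extract_group(data: bytes, start: int) -> bytes:
    """Return the brace-balanced RTF group that opens at data[start]."""
    depth, i = 0, start
    while i < len(data):
        c = data[i]
        if c == 0x5C:             # backslash: skip the escaped character (\{, \}, \\)
            i += 2
            continue
        if c == 0x7B:             # {
            depth += 1
        elif c == 0x7D:           # }
            depth -= 1
            if depth == 0:
                return data[start:i + 1]
        i += 1
    return data[start:]           # unterminated group: inspect what is present


def count_fonts(data: bytes) -> int:
    """Count \\f### definitions inside every \\fonttbl group."""
    return sum(len(FONT_DEF.findall(extract_group(data, m.start())))
               for m in FONTTBL.finditer(data))


def is_suspicious(data: bytes, max_fonts: int = MAX_FONTS) -> bool:
    """Flag a document whose font table defines more than max_fonts fonts."""
    return count_fonts(data) > max_fonts


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            blob = fh.read()
        print(path, count_fonts(blob), "SUSPICIOUS" if is_suspicious(blob) else "ok")
```

The check inspects content rather than the file extension, so it can run at a mail gateway or over a quarantine folder regardless of how the attachment is named.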

Tweet-sized PoC

The researcher’s PoC demonstrates the heap corruption but stops short of running the Calculator app in Windows to demonstrate code execution.

No exploitation of the vulnerability has been reported, and Microsoft currently assesses exploitation as “less likely.”

Threat actors are drawn to critical vulnerabilities like this one. Moreover, the more skilled ones attempt to reverse engineer the fix to discover a method to exploit it.

As exploit code becomes available, a wider pool of attackers begins to exploit the vulnerability, because it takes less work to alter a PoC than it does to create an exploit from scratch.

It is unknown whether the present proof of concept can be turned into a full-fledged exploit, since it only indicates that exploitation is conceivable without demonstrating it.

Even so, remote code execution in Office 365 is actively pursued because it would facilitate widespread malware distribution.

A similar vulnerability in Microsoft Excel Equation Editor was patched, yet it is still used in certain campaigns today.

Workarounds might backfire

The vendor’s advisory for CVE-2023-21716 contains a complete list of Microsoft Office products affected by the issue.

Customers unable to install the update can view emails in plain text format. However, this is unlikely to be adopted because images and rich content are not available.

Another alternative is to enable the Microsoft Office File Block policy, which prevents Office apps from opening RTF files from unknown or untrusted sources.

This approach requires modifying the Windows Registry and comes with a warning: using Registry Editor incorrectly may cause serious problems that may require reinstalling the operating system.

Furthermore, if an “exempt directory” is not specified, users risk being unable to open any RTF document.

Even though a complete exploit is presently unavailable and exploitation remains theoretical, applying the Microsoft security update is the safest way to address the problem.
