There is a Zero-Day attack that works on all versions of Windows, even fully patched machines. The attack happens by opening up a Microsoft Word RTF file. The vulnerability is present in all versions of installed Microsoft Word.
Attackers gain full code execution on the victims machine. Since discovery, it doesn’t look like a patch for this flaw will be available in the next round of Microsoft patches that are released in April. So, current recommendations to protect yourself against this flaw are to not open any suspicious Word Documents, always view documents sent to you in Office Protected View, and disable macros from automatically executing.
Leave a Reply
You must be logged in to post a comment.