The security gap CVE-2023-21716 It affects multiple versions of Microsoft Office, SharePoint, and Microsoft 365 apps released by the company last month.
CVE-2023-21716 was discovered and disclosed privately by security researcher Joshua J. Drake in November 2022.
Πρόκειται για μια ευπάθεια heap corruption στον αναλυτή RTF του Microsoft Word που εάν ενεργοποιηθεί, επιτρέπει στους εισβολείς να επιτύχουν απομακρυσμένη εκτέλεση κώδικα με τα προνόμια του θύματος.
The flaw does not require any authentication: οι εισβολείς μπορούν απλώς να στείλουν ένα αρχείο RTF που περιέχει το exploit στο θύμα μέσω email.
“Microsoft Office 2010 and other later versions use Protected View to limit the damage caused by malicious documents from untrusted sources. Protected View is in effect when this vulnerability occurs and therefore an additional sandbox is required," Drake said in the report sent to Microsoft.
https://twitter.com/jduck/status/1632471544935923712
His report also includes a proof-of-concept PoC (a Python script) that can be used to create a file that triggers the vulnerability.
What can you do:
- Configure Microsoft Outlook to read all messages in plain text.
- Use the Microsoft Office file blocking policy to prevent Office from opening RTF documents from unknown or untrusted sources.
