PoC exploit for Microsoft Word RCE is public (CVE-2023-21716)

The CVE-2023-21716 vulnerability affects multiple versions of Microsoft Office, SharePoint and Microsoft 365 Apps, and was patched by the company in last month's updates.
CVE-2023-21716 was discovered and reported privately to Microsoft by security researcher Joshua J. Drake in November 2022.


It is a heap corruption vulnerability in Microsoft Word's RTF parser that, if exploited, allows an attacker to achieve remote code execution with the privileges of the victim.

The flaw requires no authentication: an attacker only has to send the victim a single RTF file containing the exploit, for example by email.

"Microsoft Office and later versions use Protected View to limit the damage caused by malicious documents from untrusted sources. Protected View is in effect when this vulnerability occurs, and therefore an additional sandbox is required," Drake said in the report he sent to Microsoft.

https://twitter.com/jduck/status/1632471544935923712

His report also includes a proof of concept (PoC), a Python script that produces a file which triggers the vulnerability.

What you can do:

  • Configure Microsoft Outlook to read all messages in plain text.
  • Use the Microsoft Office file blocking policy to prevent Office from opening RTF documents from unknown or untrusted sources.
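The two workarounds above are registry settings on each user's Windows profile. The following PowerShell script is an added example (it is not from the original article or from Microsoft) that applies both settings and then audits them. It assumes Office 2016 or later (registry version path `16.0`; older releases use `14.0` or `15.0`), and the value names follow Microsoft's documented File Block and Outlook options: `RtfFiles = 2` blocks opening and saving RTF in Word, `OpenInProtectedView = 0` means blocked files are not opened at all, and `ReadAsPlain = 1` makes Outlook render every message as plain text.

```powershell
# Added example, not from the original article: apply and audit the RTF
# workarounds for CVE-2023-21716 on the current user's Office profile.
# Assumption: Office 2016/2019/2021/365 ("16.0" registry path).
#Requires -Version 5.1

$OfficeVersion = '16.0'   # assumption: adjust to the installed Office release
$FileBlockKey  = "HKCU:\Software\Microsoft\Office\$OfficeVersion\Word\Security\FileBlock"
$MailKey       = "HKCU:\Software\Microsoft\Office\$OfficeVersion\Outlook\Options\Mail"

function Set-RtfFileBlock {
    # RtfFiles = 2 blocks both opening and saving RTF documents in Word.
    # OpenInProtectedView = 0 refuses blocked files outright; pass 1 to let
    # them open read-only in Protected View instead.
    [CmdletBinding(SupportsShouldProcess)]
    param([ValidateSet(0, 1)][int]$OpenInProtectedView = 0)

    if (-not (Test-Path $FileBlockKey)) { New-Item -Path $FileBlockKey -Force | Out-Null }
    if ($PSCmdlet.ShouldProcess($FileBlockKey, 'Block RTF files in Word')) {
        New-ItemProperty -Path $FileBlockKey -Name 'RtfFiles' -PropertyType DWord -Value 2 -Force | Out-Null
        New-ItemProperty -Path $FileBlockKey -Name 'OpenInProtectedView' -PropertyType DWord `
            -Value $OpenInProtectedView -Force | Out-Null
    }
}

function Set-OutlookReadAsPlain {
    # ReadAsPlain = 1 renders all incoming mail as plain text, so HTML and
    # RTF message bodies are not handed to Word's rendering engine.
    [CmdletBinding(SupportsShouldProcess)]
    param()

    if (-not (Test-Path $MailKey)) { New-Item -Path $MailKey -Force | Out-Null }
    if ($PSCmdlet.ShouldProcess($MailKey, 'Read all mail as plain text')) {
        New-ItemProperty -Path $MailKey -Name 'ReadAsPlain' -PropertyType DWord -Value 1 -Force | Out-Null
    }
}

function Test-RtfWorkarounds {
    # Audit: returns one object with a boolean per workaround, so results can
    # be collected from many hosts without parsing console output.
    $fb = Get-ItemProperty -Path $FileBlockKey -ErrorAction SilentlyContinue
    $ml = Get-ItemProperty -Path $MailKey -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName     = $env:COMPUTERNAME
        User             = $env:USERNAME
        RtfBlockedInWord = ($fb.RtfFiles -eq 2)
        OutlookPlainText = ($ml.ReadAsPlain -eq 1)
    }
}

# Usage: apply both workarounds for the current user, then report the state.
# Run with -WhatIf on the Set-* functions to preview the registry changes.
Set-RtfFileBlock
Set-OutlookReadAsPlain
Test-RtfWorkarounds | Format-List
```

These per-user keys can be changed back by the user or by an Office repair; to enforce the settings centrally, deliver the same File Block and mail options through Group Policy (the Office administrative templates write them under `HKCU\Software\Policies\Microsoft\Office\16.0\...`), and treat both workarounds as a stopgap until the February update that fixes CVE-2023-21716 is installed.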


Written by giorgos
