PoC exploit for Microsoft Word RCE is public (CVE-2023-21716)

The CVE-2023-21716 vulnerability affects many versions of Microsoft Office and SharePoint, as well as Microsoft 365 apps released up to last month.
CVE-2023-21716 was discovered and disclosed privately by security researcher Joshua J. Drake in November 2022.

exploit, rce, Microsoft Word

This is a heap corruption vulnerability in Microsoft Word's RTF parser that, if exploited, allows attackers to achieve remote code execution with the victim's privileges.

The flaw does not require any user interaction: attackers can simply email the victim an RTF file containing the exploit.

"Microsoft Office 2010 and later versions use Protected View to limit the damage caused by malicious documents from untrusted sources. Protected View is in effect when this vulnerability occurs and therefore an additional sandbox is required," Drake said in the report sent to Microsoft.

https://twitter.com/jduck/status/1632471544935923712

His report also includes a proof-of-concept (PoC) Python script that can be used to create a file that triggers the vulnerability.

What can you do:

  • Configure Microsoft Outlook to read all email in plain text.
  • Use the Microsoft Office file blocking policy to prevent Office from opening RTF documents from unknown or untrusted sources.
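As an added example, not from the article or from Drake's report, the following PowerShell applies and then verifies both workarounds above through the per-user registry settings behind Office's File Block feature and Outlook's "read as plain text" option. The `16.0` hive path (Office 2016/2019/2021/Microsoft 365), the function names, and the value names `RtfFiles`, `OpenInProtectedView` and `ReadAsPlain` as taken from Microsoft's File Block and Outlook settings are assumptions to check against the Office version actually installed.

```powershell
# Added example, not code from the original article. Applies the two
# workarounds (block RTF in Word, read mail as plain text in Outlook) via
# per-user registry settings, then reads them back.
# Assumption: the Office 16.0 registry hive; adjust $OfficeVersion for
# other releases.

$OfficeVersion = '16.0'

function Get-WordFileBlockKey {
    param([string]$Version = $OfficeVersion)
    "HKCU:\Software\Microsoft\Office\$Version\Word\Security\FileBlock"
}

function Get-OutlookMailKey {
    param([string]$Version = $OfficeVersion)
    "HKCU:\Software\Microsoft\Office\$Version\Outlook\Options\Mail"
}

function Set-WordRtfFileBlock {
    param([string]$Version = $OfficeVersion)
    $key = Get-WordFileBlockKey -Version $Version
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # RtfFiles = 2: Word refuses to open or save RTF files.
    # OpenInProtectedView = 0: blocked RTF files are not opened at all,
    # not even read-only inside Protected View.
    New-ItemProperty -Path $key -Name 'RtfFiles' -Value 2 `
        -PropertyType DWord -Force | Out-Null
    New-ItemProperty -Path $key -Name 'OpenInProtectedView' -Value 0 `
        -PropertyType DWord -Force | Out-Null
}

function Set-OutlookReadAsPlainText {
    param([string]$Version = $OfficeVersion)
    $key = Get-OutlookMailKey -Version $Version
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # ReadAsPlain = 1: render every incoming message as plain text.
    New-ItemProperty -Path $key -Name 'ReadAsPlain' -Value 1 `
        -PropertyType DWord -Force | Out-Null
}

function Test-Cve202321716Workarounds {
    param([string]$Version = $OfficeVersion)
    # Read both keys back; missing keys simply yield $null properties.
    $fb = Get-ItemProperty -Path (Get-WordFileBlockKey -Version $Version) `
        -ErrorAction SilentlyContinue
    $ol = Get-ItemProperty -Path (Get-OutlookMailKey -Version $Version) `
        -ErrorAction SilentlyContinue
    [pscustomobject]@{
        OfficeVersion    = $Version
        RtfBlocked       = ($fb.RtfFiles -eq 2 -and $fb.OpenInProtectedView -eq 0)
        OutlookPlainText = ($ol.ReadAsPlain -eq 1)
    }
}

Set-WordRtfFileBlock
Set-OutlookReadAsPlainText
Test-Cve202321716Workarounds | Format-List
```

The settings take effect the next time Word and Outlook start. Blocking RTF also stops legitimate RTF documents from opening, so in a managed environment the same File Block and plain-text settings are better rolled out through Group Policy than by editing HKCU on each machine, and they are a stopgap until the Microsoft update is installed.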


Written by giorgos

