Hackers they managed to do it exploit to a vulnerability discovered in the application Become of Microsoft. Through it you can obtain remote control of systems, according to company warning.
The attack currently being released online comes with trapped rich text (RTF) documents that exploit a vulnerability in the Word 2010 version, according to a caution issued today by the company. Emails that are opened or previewed using a default setting in Outlook allow the attacker to acquire the same privileges on the system as the user who is currently logged in.
"Microsoft is aware of a vulnerability that affects supported versions of Microsoft Word," the company told Security Advisory (2953095). "We are currently aware of limited, targeted attacks on users with Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially edited RTF file using an affected version of Microsoft Word. The same thing can happen if you preview or open a specially created RTF file in an e-mail message in Microsoft Outlook, and use Microsoft Word to view the e-mail. ”
The security bulletin says Drew Hintz, Shane Huntley and Google security team Matty Pellegrino discovered the vulnerability, which has been officially recorded as CVE-2014-1761. Microsoft has issued a temporary solution which modifies Microsoft Office and prevents the opening of RTF files in supported versions of Microsoft Word. Users can also protect themselves from exploit by viewing emails in plain text. Microsoft has, of course, stated that it will issue an update to correct the vulnerability when the research is completed.