Exploit affects RTF documents for Microsoft Word on Windows and Mac

Home / Exploit affects RTF documents for Microsoft Word on Windows and Mac

Exploit affects RTF documents for Microsoft Word on Windows and Mac

Microsoft published 23 security updates on Tuesday, 8th May, which users of Microsoft Windows should install. There is one particular update that patches a security vulnerability that affects RTF documents. Windows and Mac users are potentially both affected by this vulnerability.

Mac users should install the patch as a matter of urgency, like Windows users, to protect against any further malware attacks, given the recent interest by cybercriminals.

Which products are affected by this exploit?

According to Microsoft’s Security Bulletin MS12-029, users of the following products are affected by this vulnerability:

  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011
  • Microsoft Office Compatibility Pack

How the exploit affects RTF documents

RTF is the file type for Rich Text Format documents. Unlike DOC files, which can only be edited by Microsoft Word, RTF can be used by most word processors and allows documents to be shared. Microsoft Word’s DOC files allow macros to be programmed and run, which allows common tasks to be automated. RTF documents don’t support macros and are generally more trusted. However, this security vulnerability allows such code to be executed from an RTF file that is opened in Microsoft Word.

In theory, this could give the potential for a cybercriminal to gain access to your files, or to your system to install additional malware, simply by opening a malicious RTF document.

Install the update for Microsoft Office

If you are a Windows user, this update will be installed via Windows Update. Make sure Windows Update is set up to download and install updates automatically, or you can install updates manually.

Mac users can run the Microsoft AutoUpdate program, or you can download and install the updates from Microsoft yourself: