Fortinet Discovers Microsoft Word RTF File Handling Memory Corruption Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered an Use-After-Free vulnerability in Microsoft Word.
Microsoft Office is an office suite of applications, servers and services. It was first announced by Microsoft in 1988. The first version of Office contained Microsoft Word, Microsoft Excel and Microsoft PowerPoint. Over the years, Office applications have grown substantially closer with shared features such as a common spell checker, OLE data integration and Visual Basic for Applications scripting language. Microsoft also positions Office as a development platform for line-of-business software under the Office Business Applications brand.
It has been discovered that a Memory Corruption vulnerability exists in the Microsoft Word when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:MS.Office.PTLS7.RTF.Handling.Memory.Corruption
Released Jan 05, 2017
Users should apply the solution provided by Microsoft.
Timeline
Fortinet reported the vulnerability to Microsoft on November 10, 2016.
Microsoft patched the vulnerability on January 10, 2017.