Microsoft Office RTF documents that leverage CVE-2017-0199 vulnerability
by CIRT Team
Description: This vulnerability allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a document containing an embedded exploit. The vulnerability affects Microsoft Office, including the latest Office 2016 edition running on Windows 10.
Impact: Researchers has observed Office documents exploiting CVE-2017-0199 that download and execute malware payloads from different well-known malware families.
Mitigation: Updates are available. Please check specific vendor advisory for more information.