Microsoft Office RTF documents that leverage CVE-2017-0199 vulnerability

Description: This vulnerability allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a document containing an embedded exploit. The vulnerability affects Microsoft Office, including the latest Office 2016 edition running on Windows 10.

Impact: Researchers has observed Office documents exploiting CVE-2017-0199 that download and execute malware payloads from different well-known malware families.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

Share