New zero day exploit

Discussion in 'Security' started by Trouble, Apr 9, 2017.

  1. Trouble

    Trouble Noob Whisperer Moderator

    Joined:
    Nov 19, 2013
    Messages:
    10,604
    Likes Received:
    1,624
    Location:
    Northwest Indiana U.S.A.
    Trouble, Apr 9, 2017
    #1
    Ian likes this.
    1. Advertisements

  2. Trouble

    Tim Locke

    Joined:
    May 6, 2015
    Messages:
    1,974
    Likes Received:
    275
    Location:
    Guelph On
    Also in ArsTechnica
     
    Tim Locke, Apr 10, 2017
    #2
    1. Advertisements

  3. Trouble

    Regedit32 Moderator

    Joined:
    Mar 4, 2016
    Messages:
    2,761
    Likes Received:
    833
    So assuming Microsoft patch this exploit, the next question is will they offer that patched support to earlier editions of Microsoft Office, or only for those investing in the latest edition.
     
    Regedit32, Apr 10, 2017
    #3
  4. Trouble

    Trouble Noob Whisperer Moderator

    Joined:
    Nov 19, 2013
    Messages:
    10,604
    Likes Received:
    1,624
    Location:
    Northwest Indiana U.S.A.
    Good question.
    I would assume that as long as the particular Office product has not reached "End of Life Support" that it would still receive security updates.
    As best I can determine Office 2007 SP3 is on the chopping block for October 31st this year.
     
    Trouble, Apr 10, 2017
    #4
  5. Trouble

    Regedit32 Moderator

    Joined:
    Mar 4, 2016
    Messages:
    2,761
    Likes Received:
    833
    Yes that is what I'd expect them to do.

    However, given this exploit presumably has existed for far longer than Office 2007, I personally feel they are obliged to provide security support to all Editions affected.

    I regularly see people providing me documents created in earlier editions of Office hence the concern.
     
    Regedit32, Apr 10, 2017
    #5
  6. Trouble

    Trouble Noob Whisperer Moderator

    Joined:
    Nov 19, 2013
    Messages:
    10,604
    Likes Received:
    1,624
    Location:
    Northwest Indiana U.S.A.
    I really couldn't say.
    The article specifically mentions "winword.exe" and then specifically mentions an "RTF file" (rich text format).
    I have some additional concerns regarding the native WordPad application which has been around practically forever and......
    I believe that .rtf (rich text format), is still the default save extension for that product.
     
    Trouble, Apr 10, 2017
    #6
  7. Trouble

    Regedit32 Moderator

    Joined:
    Mar 4, 2016
    Messages:
    2,761
    Likes Received:
    833
    That's a good point Trouble.

    I'm hoping when the patch is released some more information on the actual exploit will be made available so all antivirus companies can at least provide a measured form of protection against it.

    Until I hear differently I'll just have to insist those providing me word files use the doc or docx extension and hope the exploit cannot travel from a rtf file to another format if the original file saved as another extension was rtf.
     
    Regedit32, Apr 10, 2017
    #7
    Ian likes this.
  8. Trouble

    Data Chief Operations Officer

    Joined:
    Apr 13, 2017
    Messages:
    427
    Likes Received:
    82
    Location:
    Warping out of sector 0 aboard the NCC-1701-E
    Has this not been patched over patch Tuesday already?
     
    Data, Apr 13, 2017
    #8
  9. Trouble

    Data Chief Operations Officer

    Joined:
    Apr 13, 2017
    Messages:
    427
    Likes Received:
    82
    Location:
    Warping out of sector 0 aboard the NCC-1701-E
    I PM Trouble with exploit details, despite it being available in some reputable and public websites, I thought best not to let it loose around here, you never know what some kids will do)

    The patches for this exploit were released https://www.catalog.update.microsoft.com/Search.aspx?q=KB4014793 that information is available at https://support.microsoft.com/en-gb/help/4014793/title

    Ms offer more information about patches at https://portal.msrc.microsoft.com/en-US/security-guidance (must accept terms of service to view)

    Talk about convoluted methods, I believe all information relevant should be readily available not hidden in sub-levels
     
    Data, Apr 19, 2017
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.