WARNING: Microsoft Word Is Under A Hack Attack: Do Not Open Documents Named '.RTF'

Good ole MS.
First malware/virus I ever encountered was an .RTF file exploit running on Word 6/Win 3.1 in 1997 lol.

Working in a business where we had 100's of RTF's sent every day (CV's) it was quite a challenge to resolve and we ended up only opening files in notepad for about 3 mths until MS responded.

Good to see some things never change.

Why declare this?
Why not just fix it and put it into the next batch of updates and include it in the report?
There is an open loop hole that you're practically daring hackers to exploit with an article like this!

Stupid..

I rek'n, at-least 1 in 2 people download, run, install, browse or use the internet ''loosely'' .. phones, laptops, ipads, internet banking, ebay, paypal, gmail, wifi and USB sticks.... people are so risky.. soon iphones will have their own std's!

Have you seen the size of the Internet? its EPIC!

Agit8dChop

Have you seen the size of the Internet? its EPIC!

Its quite obvious Microsoft still doesnt, they ask every user to download the latest windows 8.1, .
That "every user" translate to about 100M licensed users, lets be modest, 10M users.

Microsoft is making more stupid business decisions these days.

reply to post by Domo1


Thanks for the Heads Up !
Much appreciated.

S&F

Luckily this wont effect many as RTF format is old and largely unused, so it should be easy to avoid for most.

Simply go to your file extensions menu and change RTF so its not associated with word (and that instead its not associated at all).

That's what i will do on the work network to stop those dummy's opening every attachment on every email and messing things up.

Word normal formats are doc and .doc

FOR EVERYONE WHO DOES NOT WANT TO DOWNLOAD THE MS-TOOL

This works for every windows back to 98 I think:

-search for RTF file
-hold shift and right click on file
-"open with"
-choose Editor/Notepad as standarttool
-make sure box is checked ("always use this...")
hit enter.

RTF files are now always opened with editor/notepad/whatever you choose.


edit: biigs was faster

Biigs
Luckily this wont effect many as RTF format is old and largely unused, so it should be easy to avoid for most.

Except for all those leechers that will get them with their warez.

verschickter
Luckily this wont effect many as RTF format is old and largely unused, so it should be easy to avoid for most.

Except for all those leechers that will get them with their warez.


Even if they do, do all those i say FOOOOOLZ!


Use Open office if you dont have a copy or access to M$ Word.

Open office is a free to use, free to download, freeware copy of M$ office and it works very well, and for the most part it works the same too.

Since I am a little bit in this scene, I know about this kind of exploits for years.
I even know sites where you can buy the actual one, which is btw arround for at least 1 year.
Prices are arround several thousand dollars.

Domo1
reply to post by tinker9917

 

Anytime, thanks for replying. Would prefer replies to stars and flags so this stays visible.

Cheers for the heads-up.....+S&F anyway!

2nd

reply to post by Biigs


the exploit works in Outlooks preview screen without actually opening the file.