• Bloated Patch Tuesday brings fix for nasty Word/RTF/Net vulnerability

    Posted on September 13, 2017 at 05:58 CDT by

    For you folks guarding Russian-language espionage worthy secrets, there’s a hundred or so patches I need to tell you about.

    For the rest of you, hang tight. We’re still at MS-DEFCON 2. Let’s wait and see what problems flush out of this month’s huge round of Patch Tuesday patches.

    Computerworld Woody on Windows.

    UPDATE: Ars Technica’s Dan Goodin just tweeted that there is now public exploit code for CVE-2017-8759 making the rounds. That steps up the pressure to patch, considerably.

    ANOTHER UPDATE: Good question from an anonymous commenter:

    does this same vuln still apply if RTF file is opened instead in Wordpad?

    Answer: No. It requires Word, and Word cannot be running in Preview Mode. If you open RTF files with Wordpad, the Word Viewer, or any of a gazillion RTF readers (including OpenOffice), the .NET bug is NOT triggered.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.