Haven't seen any working exploitation of #CVE202321716 at all - all just people reusing the crash POC, nobody made it to RCE.
Continuing to keep an eye on #CVE202321716 with custom rules in #VirusTotal - pleased to say after a week of people trying, I haven't seen anybody who has actually made it to RCE yet (or even close).
I've been keeping an eye on #CVE202321716 (the MS Word RTF vuln) via #GossiMonitoring
The headline is, people are starting to experiment with it.
Looks like Microsoft Word just got a new RCE vulnerability patched... don't worry, we'll just stick to carrier pigeons for sharing documents from now on 🐦 #CVE202321716 #MicrosoftWord https://cybersec.xmcyber.com/s/microsoft-word-rce-cve-2023-21716-7634
Keep an eye on CVE-2023-21716, aka the MS Word vulnerability from February 2023 in RTF files.
There's a public proof of concept: https://qoop.org/publications/cve-2023-21716-rtf-fonttbl.md
Where it gets more interesting - you can embed RTF files in email, and Microsoft Outlook renders them with no clicks, just by reading the email.