{"id":7063,"date":"2017-03-21T08:41:05","date_gmt":"2017-03-21T16:41:05","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/03\/21\/news-854\/"},"modified":"2017-03-21T08:41:05","modified_gmt":"2017-03-21T16:41:05","slug":"news-854","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/03\/21\/news-854\/","title":{"rendered":"FortiGuard Labs Discovers Multiple Vulnerabilities in Microsoft Word"},"content":{"rendered":"<p><strong>Credit to Author: Tony Loi| Date: Tue, 21 Mar 2017 09:31:57 -0700<\/strong><\/p>\n<div class=\"entry\">\n<p><img decoding=\"async\" alt=\"\" src=\"https:\/\/d3gpjj9d20n0p3.cloudfront.net\/ngblog\/uploads\/files\/Microsoft_Word_2013_logo_svg.png\" style=\"float:right; margin-left:15px;width: 300px; height: 295px;\" \/>Over the last few months FortiGuard Labs&nbsp;discovered and reported multiple vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January (<a href=\"https:\/\/technet.microsoft.com\/library\/security\/ms17-002\">MS17-002<\/a>) and March (<a href=\"https:\/\/technet.microsoft.com\/library\/security\/MS17-014\">MS17-014<\/a>) security updates. These patches are rated as important, and as always, we suggest users update Microsoft Office as soon as possible.<\/p>\n<p>Following are some details of these vulnerabilities:<\/p>\n<h2><a href=\"https:\/\/www.fortiguard.com\/advisory\/FG-VD-16-079\">CVE-2017-0003<\/a> (Affects MS Word 2016)<\/h2>\n<p>This is a memory corruption vulnerability that occurs due to a miscalculation of the size of the object in heap. Later, this miscalculated size is passed to other functions, which then write more content than expected, causing memory corruption. A remote attacker may use a crafted RTF file to exploit this vulnerability and run arbitrary code in the context of the current user.<\/p>\n<p>Fortinet previously released IPS signature MS.Office.PTLS7.RTF.Handling.Memory.Corruption for this specific vulnerability to proactively protect our customers.<\/p>\n<h2><a href=\"https:\/\/www.fortiguard.com\/advisory\/FG-VD-16-081\">CVE-2017-0019<\/a> (Affects MS Word 2016)<\/h2>\n<p>This is a use-after-free vulnerability that occurs when Word tries to parse a malformed RTF file. With a specifically crafted RTF file, a remote attacker could exploit this vulnerability to run arbitrary code in the context of the current user.<\/p>\n<p>Fortinet previously released IPS signature MS.Office.RTF.File.Handling.Memory.Corruption for this specific vulnerability to proactively protect our customers.<\/p>\n<h2><a href=\"http:\/\/fortiguard.com\/advisory\/FG-VD-16-095\">CVE-2017-0105<\/a> (Affect MS Word 2007 and 2010)<\/h2>\n<p>Microsoft Word suffered from an information leak vulnerability in which an out-of-bound read could occur when Word reads a specially crafted RTF file. An attacker could leverage this vulnerability in accordance with other vulnerabilities in order to achieve arbitrary code execution upon successful exploitation.<\/p>\n<p>FortiGuard Labs&nbsp;previously released IPS signature MS.Office.Word.Uninitialize.Heap.RTF.Memory.Corruption for this specific vulnerability to proactively protect our customers.<\/p>\n<p>-= FortiGuard Lion Team =-<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/ftnt.net\/2iT7Mcp%C2%A0\"><i>Sign up<\/i><\/a><i>&nbsp;for weekly Fortinet FortiGuard Labs Threat Intelligence Briefs and stay on top of the newest emerging threats.<\/i><\/p>\n<\/div<br \/><a href=\"http:\/\/blog.fortinet.com\/2017\/03\/21\/fortinet-discovers-multiple-vulnerabilities-in-microsoft-word58d052aa437f6\" target=\"bwo\" >https:\/\/blog.fortinet.com\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/d3gpjj9d20n0p3.cloudfront.net\/ngblog\/uploads\/files\/Microsoft_Word_2013_logo_svg.png\"\/><\/p>\n<p><strong>Credit to Author: Tony Loi| Date: Tue, 21 Mar 2017 09:31:57 -0700<\/strong><\/p>\n<p>Over the last few months we discovered and reported multiple vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January (MS17-002) and March (MS17-014) security updates. These patches are rated as important, and as always, we suggest users update Microsoft Office as soon as possible.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10424,10378],"tags":[],"class_list":["post-7063","post","type-post","status-publish","format-standard","hentry","category-fortinet","category-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7063","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7063"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7063\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7063"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7063"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7063"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}