BERKELEY, California, Nov. 14, 2017 /PRNewswire/ -- Embedi - a company specializing in cybersecurity solutions for embedded devices published its new report on Microsoft Word 17 y.o. RCE vulnerability.
In their new research, Embedi experts managed to find a vulnerability in the Microsoft Office package, one of the most popular office solutions used all around the globe.
It turned out that the vulnerability has not been patched for 17 years, and it seems like Microsoft has not known it exists. This vulnerability (CVE-2017-11882) is extremely dangerous because it:
- works with all the Microsoft Office versions released in the past 17 years (including Microsoft Office 365)
- works with all the Microsoft Windows versions (including Microsoft Windows 10 Creators Update)
- is relevant for all the types of architectures
- does not interrupt a user's work with Microsoft Office
- if a document is opened, the vulnerability does not require any interaction with a user to be exploited.
You can find the original research through the link https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
About the Company: Embedi expertise is backed up by extensive experience in security of embedded devices, with special emphasis on attack and exploit prevention. Years of research are the genesis of the software solutions created. Embedi developed a wide range of security products for various types of embedded/smart devices used in different fields of life and industry such as wearables, smart home, retail environments, automotive, smart buildings, ICS, smart cities, and others. Embedi is headquartered in Berkeley, USA. Visit embedi.com for more information and follow Embedi on Twitter(@_embedi_).
View original content with multimedia:http://www.prnewswire.com/news-releases/embedi--skeletons-in-the-closet----ms-word-rce-vulnerability-almost-17-years-old-300555890.html