APT Attackers Are Increasingly Using Booby-trapped RTF Documents


May 10, 2012 By The Vigilant Application Owner

IDG News Service – (International) APT attackers are increasingly using booby-trapped RTF documents. Booby-trapped Rich Text Format (RTF) documents are one of the most common types of malicious Microsoft Office files that are used to infect computers with advanced persistent threats, according to security researchers from Trend Micro. The company’s statistics show that 63 percent of the malicious Microsoft Office documents intercepted in April exploited vulnerabilities in Microsoft Word. Out of those vulnerabilities, the most commonly targeted ones were CVE-2010-3333 and CVE-2012-0158, which stem from bugs in Microsoft Word’s code for parsing RTF content. This is troublesome because Microsoft just patched a new Microsoft Word RTF parsing vulnerability May 8 that could allow remote code execution.

Source: http://www.infoworld.com/d/security/apt-attackers-are-increasingly-using-booby-trapped-rtf-documents-192891