Four months later on CVE-2023-21716 - I still haven't seen a single in-the-wild document that reaches RCE for this, nor an RCE exploit.

#CVE202321716

Haven't seen any working exploitation of #CVE202321716 at all - all just people reusing the crash POC, nobody made it to RCE.

I've been keeping an eye on #CVE202321716 (the MS Word RTF vuln) via #GossiMonitoring

The headline is, people are starting to experiment with it.

Keep an eye on CVE-2023-21716, aka the MS Word vulnerability from February 2023 in RTF files.

There's a public proof of concept: https://qoop.org/publications/cve-2023-21716-rtf-fonttbl.md

Where it gets more interesting - you can embed RTF files in email, and Microsoft Outlook renders them with no clicks, just by reading the email. There's a decent chance this could become a problematic combination, although not yet, as the PoC is vague enough to require a clue to exploit. HT @fellows

#CVE202321716

Microsoft Patch Tuesday, February 2023 Edition – Krebs on Security