Keep an eye on CVE-2023-21716, aka the MS Word vulnerability from February 2023 in RTF files.

There's a public proof of concept: https://qoop.org/publications/cve-2023-21716-rtf-fonttbl.md

Where it gets more interesting - you can embed RTF files in email, Microsoft Outlook renders them with no clicks, by just reading the email. There's a decent chance this could become a problematic combination... although not yet, as the PoC is vague enough to require a clue to exploit. HT @fellows

#CVE202321716

Good luck anybody enabling this mitigation in a corporate environment, lmao.

@GossiTheDog I hate HTML eMails and don't use #Outlook even if it were to run on #Linux (#OWA doesn't count!) so I count this as an absolute win.

@kkarhan @GossiTheDog your preferences and feelings really don't matter to businesses and their daily operations.

@NosirrahSec @GossiTheDog That goes bidirectional tho.

I refuse to work with shitty Govware (Windows, Office) or handle bad formats only useful for spreading Malware (OOXML) and instead enforce open standards (PDF, OpenDocument)...

@NosirrahSec @GossiTheDog someone needs to be that annoying guy, even if that means people will hate me for that.

In the end, my hunches turn out to be true...