Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Bloated Patch Tuesday brings fix for nasty Word/RTF/Net vulnerability

    Posted on September 13th, 2017 at 05:58 woody Comment on the AskWoody Lounge

    For you folks guarding Russian-language espionage worthy secrets, there’s a hundred or so patches I need to tell you about.

    For the rest of you, hang tight. We’re still at MS-DEFCON 2. Let’s wait and see what problems flush out of this month’s huge round of Patch Tuesday patches.

    Computerworld Woody on Windows.

    UPDATE: Ars Technica’s Dan Goodin just tweeted that there is now public exploit code for CVE-2017-8759 making the rounds. That steps up the pressure to patch, considerably.

    ANOTHER UPDATE: Good question from an anonymous commenter:

    does this same vuln still apply if RTF file is opened instead in Wordpad?

    Answer: No. It requires Word, and Word cannot be running in Preview Mode. If you open RTF files with Wordpad, the Word Viewer, or any of a gazillion RTF readers (including OpenOffice), the .NET bug is NOT triggered.

    If that helped, take a second to support AskWoody on Patreon

    One Response to “Bloated Patch Tuesday brings fix for nasty Word/RTF/Net vulnerability”

    1. Anonymous says:

      Just wondering…
      does this same vuln still apply if RTF file is opened instead in Wordpad?

    Leave a Reply