Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

Proactive zero-day coverage from HP TippingPoint: CVE-2014-1761

MarthaAviles ‎04-09-2014 08:43 AM - edited ‎09-25-2015 08:25 AM

Recently, Microsoft released details of a critical zero-day vulnerability (CVE-2014-1761) that is being actively exploited in the wild. The exploit leverages a flaw in specially crafted RTF documents to exploit users of Microsoft Word. The vulnerability can additionally be triggered by opening the malicious document in Outlook or simply previewing the attachment via the Outlook Word email viewer.


If successfully exploited, this vulnerability can result in full remote code execution in the privilege context of the user running the affected process. 


The temporary workaround from Microsoft has been to “Disable opening RTF content in Microsoft Word.”  While this is not a true patch or long term solution, customers of HP TippingPoint can breathe easy; HP TippingPoint has been providing proactive coverage for this vulnerability in the form of DV filter 12683 which has been shipping in the default recommended deployment since December of 2012, approximately 16 months prior to Microsoft’s announcement.


Click here to see a more in-depth analysis of this vulnerability.


Learn more about HP TippingPoint and other security products.

0 Kudos
About the Author


Nov 29 - Dec 1
Discover 2016 London
Learn how to thrive in a world of digital transformation at our biggest event of the year, Discover 2016 London, November 29 - December 1.
Read more
Each Month in 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all