Forgot your password?
typodupeerror
Worms

+ - Thought RTFs were malware free? Think again!

Submitted by stry_cat
stry_cat (558859) writes "Over at http://isc.sans.org/diary.html?storyid=2528&rss it says:

"...no doubt that you are aware of the huge number of exploits directed toward various Office applications, mainly Microsoft Word and PowerPoint. For quite some time a lot of administrators (us included) told people to convert documents to other (safer) formats, one of them being RTF (Rich Text Format). Although this format is proprietary, the specification is publicly available so a lot of word processors support this format."

However as the article continues, we find that one can still embed stuff. Embedding the right (or is it wrong) stuff can have the unsuspecting user downloading some seriously bad malware. Even worse it is likely your AV software will miss this malware!

The article concludes:

"This was another example of why complex file formats should be avoided. Even if you do scan all files on your e-mail gateway (or web filtering server), as you can see most AV programs would miss this as they would scan only the RTF document. One more time we see how important defense in depth is — in this case you would depend on user's awareness and ultimately on his desktop AV product. ""

Air pollution is really making us pay through the nose.

Working...