A zero-day vulnerability in Microsoft Word involving the handling of the RTF file format was published last week in the form of a Microsoft advisory. In its advisory, Microsoft states that it is aware of “limited, targeted attacks” exploiting this vulnerability.
With more technical details regarding the vulnerability itself becoming available, we can confirm and reassure our customers that this attack is blocked by Trustwave’s Secure Web Gateway. No updates are required for this to happen, the attack will be blocked by the following policy rule: “Block Malformed Binary Format Vulnerabilities (Binary VAD Engine)”, so please be sure to have this rule enabled in your policy.
For the non-corporate users who wish to remain protected until an update is released, Microsoft has released a Fix-It tool to help mitigate the problem.