Getting system access using malicious word file

Background

Microsoft Office Word / Wordpad remote code execution vulnerability allows a remote attacker to execute arbitrary code on the system. An attacker can send specially crafted files which can cause the MS Word / Wordpad to download a remote shell and the attacker can gain access of the system. Once, the attacker has control of the machine, he / she can install a software, create a backdoor, view, modify or delete data, can create users with full permissions.

Continue reading “Getting system access using malicious word file”