Word Automation Services Vulnerability and SharePoint Server

There is a vulnerability in Microsoft Word that could allow remote code execution. The issue affects:
1. Microsoft Word 2003 to 2013
2. MS Word Viewer
3. Word Automation Services in SharePoint 2010 and 2013
4. MS Office Web Server 2010 and 2013
The issue is mainly with specially crafted RTF-formatted data.

Risk Mitigation:
1. Use non-admin rights on the local systems. That will lower the impact.
2. Disable opening RTF in Word / Outlook
3. In SharePoint Server, uncheck RTF as a supported file format

SharePoint Server – Word Automation Services:
Follow the steps below to disable the RTF file format within Word Automation Services on SharePoint Server 2010 / 2013. Make sure you understand the impact of this change on your organization.
1. Go to the SharePoint Central Administration website of your farm
2. Under Application Management, click on ‘Manage Service Applications’
3. Under ‘Supported File Formats’, uncheck Rich Text Format (.rtf)
4. Click OK to save the settings
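
To understand the impact before unchecking RTF, it helps to know how much RTF content the organization actually holds. The following is an added example, not part of the original post: it scans a local copy of a document library or file share (an assumption) and lists files whose content begins with the RTF header `{\rtf`, separating those named `.rtf` from those carrying another extension. The function names and sample files are hypothetical.

```python
import os
import tempfile

# Added example: helper names are hypothetical, sample files are constructed.
RTF_MAGIC = b"{\\rtf"  # header that opens every RTF document


def is_rtf(path, probe=64):
    """Return True when the file's leading bytes carry the RTF header."""
    with open(path, "rb") as fh:
        head = fh.read(probe)
    return head.lstrip(b" \t\r\n").startswith(RTF_MAGIC)


def inventory(root):
    """Walk root and split RTF-content files by whether the name ends in .rtf."""
    report = {"rtf_extension": [], "other_extension": []}
    for folder, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(folder, name)
            try:
                if not is_rtf(path):
                    continue
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            key = "rtf_extension" if name.lower().endswith(".rtf") else "other_extension"
            report[key].append(os.path.relpath(path, root))
    return report


def demo():
    """Build a constructed sample tree and return its inventory."""
    samples = {  # constructed sample files, not real documents
        "memo.rtf": b"{\\rtf1\\ansi Quarterly memo}",
        "report.doc": b"{\\rtf1\\ansi RTF saved under a .doc name}",
        "legacy.doc": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1 binary Word file",
        "notes.txt": b"plain text mentioning {\\rtf in passing",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return inventory(root)


if __name__ == "__main__":
    print(demo())
```

Files listed under `other_extension` are RTF by content even though their names say otherwise, so they deserve a separate look when assessing the change.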
 
 
 
References:
1. Vulnerability in Microsoft Word Could Allow Remote Code Execution – Microsoft Security Advisory (2953095)
2. MS Knowledge Base
3. CVE Page
