Microsoft warn users to deploy security update MS10-087 to do so at their earliest convenience, which addresses a number of critical vulnerabilities in how Microsoft Office parses various office file formats. One of them is CVE-2010-3333, “RTF Stack Buffer Overflow Vulnerability,” which could lead to remote code execution via specially crafted RTF data.
Microsoft says “A few days before Christmas, we received a new sample (sha1: cc47a73118c51b0d32fd88d48863afb1af7b2578) that reliably exploits this vulnerability and is able to execute malicious shellcode which downloads other malware.
The vulnerability can be triggered by utilizing a specially crafted RTF file with a size parameter that’s bigger than the expected one. The vulnerability is present in Microsoft Word. It attempts to copy RTF data to the stack memory without validating the size, which’ll lead to overwriting the stack.”
More Info: MS10-087