This malicious Word doc doesn’t even have to be opened to infect your PC

Last week, cybersecurity researcher Joshua Drake published a proof-of-concept for a vulnerability in Microsoft Word, detailing a way for threat actors to deliver malware (opens in new tab) without users ever needing to open a file.

The vulnerability is tracked as CVE-2023-21716. It’s been given a 9.8 severity score and deemed critical, as it allows for remote code execution.

Source link