Microsoft Word Vulnerability CVE-2023-21716 Exploitable

March 6, 2023

A critical vulnerability in Microsoft Word, CVE-2023-21716, has been assigned a 9.8 out of 10 severity score and was addressed in the February Patch Tuesday security updates. The vulnerability allows remote code execution and requires no user interaction to exploit. Security researcher Joshua Drake discovered the vulnerability in Microsoft Office’s “wwlib.dll” and sent Microsoft a technical advisory containing proof-of-concept (PoC) code showing the issue is exploitable.

The vulnerability is triggered “when dealing with a font table (*fonttbl*) containing an excessive number of fonts (*f###*)” and can be exploited with “a properly crafted heap layout.” Drake managed to fit the PoC in a tweet and there is no indication that the vulnerability is being exploited in the wild. Microsoft recommends reading emails in plain text format or enabling the Microsoft Office File Block policy as workarounds. As Microsoft warns, “if you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system.”

“A full list of the Microsoft Office products impacted by the vulnerability is available in the vendor’s advisory for CVE-2023-21716,” said Drake. “Installing the security update from Microsoft remains the safest way to deal with the vulnerability.”

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.