Logical Bug in Microsoft Word's 'Online Video' Allows Code Execution
SecurityWeek | October 29, 2018
Microsoft Office is impacted by a logical bug that allows an attacker to abuse the “online video” feature in Word to execute malicious code, Cymulate security researchers warn. The issue, which supposedly impacts all users of Office 2016 and older, can be exploited without special configuration, the security researchers say. Furthermore, no security warning is presented to the user when a malicious document abusing the flaw is opened. According to Cymulate, the vulnerability arises when a user embeds a video into a document using the 'online video' feature. The bug resides in the associated document.xml file, which contains a parameter called embeddedHtml (under WebVideoPr) that refers to a YouTube iframe code.
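For defenders who want to triage documents, the following added example (not code from the article or from Cymulate) reads word/document.xml from a .docx and reports any embeddedHtml value that is not a single plain video iframe. The host allowlist, the matching of WebVideoPr by local element name, and the sample documents are assumptions constructed for this illustration.

```python
import io, zipfile
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from urllib.parse import urlparse
from xml.sax.saxutils import quoteattr

# Assumption: hosts a legitimate embedded-video iframe would load from.
ALLOWED_HOSTS = {"www.youtube.com", "www.youtube-nocookie.com"}

class TagCollector(HTMLParser):
    """Collect every start tag and its attributes from an HTML fragment."""
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))

def audit_embedded_html(html):
    """Return reasons the value is not a single plain video iframe."""
    parser = TagCollector()
    parser.feed(html)
    parser.close()
    reasons = []
    if [t for t, _ in parser.tags].count("iframe") != 1:
        reasons.append("expected exactly one iframe")
    for tag, attrs in parser.tags:
        if tag != "iframe":
            reasons.append(f"unexpected <{tag}> element")
        elif urlparse(attrs.get("src") or "").hostname not in ALLOWED_HOSTS:
            reasons.append(f"iframe src not allowlisted: {attrs.get('src')}")
        reasons += [f"event handler attribute: {a}" for a in attrs if a.startswith("on")]
    return reasons

def scan_docx(data):
    """Return (embeddedHtml, reasons) for each WebVideoPr element in word/document.xml."""
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        # For untrusted files, parse with a hardened XML parser such as defusedxml.
        root = ET.fromstring(z.read("word/document.xml"))
    return [(el.get("embeddedHtml", ""), audit_embedded_html(el.get("embeddedHtml", "")))
            for el in root.iter() if el.tag.rsplit("}", 1)[-1].lower() == "webvideopr"]

def make_sample_docx(embedded_html):
    """Build a constructed, minimal .docx-like ZIP holding one WebVideoPr element."""
    xml = ('<doc xmlns:v="urn:example:constructed"><v:webVideoPr embeddedHtml=%s/></doc>'
           % quoteattr(embedded_html))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", xml)
    return buf.getvalue()
```

An empty reasons list means the value looks like an ordinary embedded video; anything else marks the document for manual review.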