MS.WordPad.Embedded.COM.Code.Execution

description-logoDescription

This indicates that a non-ActiveX COM object, such as OutlookExpress.AddressBook COM control, InstallEngine COM control, or Sysmon.3 COM contro, is embedded into the OLE section of a WordPad RTF document. It can result in arbitrary code execution or a crash.

affected-products-logoAffected Products

Microsoft WordPad

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any patches supplied by the vendor for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-01-04 13.518 Sig Added
2018-10-26 13.480 Sig Added