Obfuscated.Rich.Text.Format
Description
This indicates an attempt to download an obfuscated Rich Text Format file.
This signature detects obfuscated RTF files. RTF exploits can be and are often highly obfuscated. An attacker can launch exploits by tricking an unsuspecting user into opening a malicious RTF file and execute arbitrary code within the context of the application, via a crafted RTF file.
Affected Products
Microsoft Office
RTF compatible document processor
Impact
System Compromise: Remote attackers can gain control of vulnerable system.
Recommended Actions
Update to the latest version from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-10-25 | 18.184 | Modified |
2021-10-18 | 18.180 | Sig Added |
2020-09-21 | 16.928 | Modified |
2020-06-23 | 15.870 | Sig Added |
2020-05-21 | 15.848 | Sig Added |
2020-04-28 | 15.829 | Sig Added |
2020-04-22 | 15.826 | Sig Added |
2020-03-19 | 15.799 | Sig Added |
2020-03-17 | 15.797 | Sig Added |
2020-01-08 | 15.754 | Sig Added |