We're so back.
"CVSS 9.8 allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook... previewing an attachment could trigger the code execution. The specific flaw exists within the parsing of RTF files"

@sj i wonder what is so hard about RTF that there are so many flaws parsing it.

@bonifartius I think it's the integration with OLE and the world of other MS/windows junk that can be pulled in, right at the border of "just used enough MS can't just turn it off by default" and "too old to get a lot of attention"

@sj oh i forgot one can embed almost everything in there. i only remember how text is formatted and that's not too crazy.
