Recent Microsoft Word exploit won't affect WordPad [Update: Word on iPad isn't affected]

A recently discovered exploit that was found in earlier versions of Word for Windows and Mac does not affect WordPad, the free word processor that's included in all versions of Windows.

The security advisory that was released earlier this week concerning the Word issue has now been updated with this additional topic in its FAQ:

How is Microsoft WordPad affected by the vulnerability?  WordPad is not affected by the vulnerability.

Just a reminder: The exploit was found being used by unknown groups to attack Microsoft Word 2010 but it affects all versions of the applications for Windows and Mac. The company said at the time:

An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.

Microsoft has released a manual "Fix-It" patch for the Word exploit that will close the hole in all of the other applications that are affected. The company is currently working on a permanent fix that will be released later via its automatic update service.

Microsoft just launched a version of Word for the iPad, along with other Office applications. So far there's no word on if the iPad version is affected by the same exploit. We have emailed Microsoft for comment.

Update: We have just received confirmation from a Microsoft spokesperson that the new Word for iPad app is also not affected by the exploit.

Source: Microsoft

Report a problem with article
Previous Story

Leef introduces microSD card to microUSB card reader for Android devices

Next Story

Google launches I/O website, implements new registration process for 2014

24 Comments

Commenting is disabled on this article.

They should have never released the Word 1.1a source... Future versions were just a skin on top of it. /s

Microsoft just launched a version of Word for the iPad, along with other Office applications. So far there's no word on if the iPad version is affected by the same exploit. We have emailed Microsoft for comment

would be funny if they replied "yes":

neowin.net/news/recent-microsoft-word-exploit-wont-affect-new-ipad-version

why ask them the question if you already have decided the answer?

btw, exploit != flaw.
the flaw may affect iPad, android and WP versions too, but the exploit currently in the wild is only working on office 2010.

it would probably be harder to target office 2013.

and even harder to target iOS/WP/android versions because of sandboxing.

Edited by link8506, Mar 28 2014, 12:20am :

cleverclogs said,
'The quick brown fox jumped over the lazy dog'.
There is no red fox, and there is no brown dog. That image hurts my eyes.

Agreed! The point of the sentence you quote is that it uses all 26 letters of the alphabet. The word 'red' is unnecessary and painfully pointless.

jwil1 said,
Um.... how is this news!?

It would be news if it was affected... but unaffected?

Is it normal for wordpad to be affected by Word bugs?

rfirth said,

Is it normal for wordpad to be affected by Word bugs?

Question I was going to ask. I dont remember WordPad having any noteable issues.

jwil1 said,
Um.... how is this news!?

It seems to be a flaw in how Word processes RTF files, which is WordPad's default format.

Though it's a bit of strech to call wordpad a word processor.

Jarrichvdv said,

You really think you're funny, don't you :-/

At times yes I do. But in this particular instance I really wasn't trying to be funny. Wordpad really is an example MFC app.

SharpGreen said,

At times yes I do. But in this particular instance I really wasn't trying to be funny. Wordpad really is an example MFC app.

Unbelievable.