Office OLE2 RCE via RTF/HTA: Executes PowerShell/VBScript without macros via crafted Word document. Widely exploited in targeted phishing against government and financial institutions. Apply MS17-010 patches. Block .hta file format at email gateway.
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1/RT SP1, 2016, Windows Vista/7/8.1/10, Server 2008/2012/R2 allow remote attackers to execute code via a crafted document (OLE2link object).
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →