Microsoft Word Is Under A Hack Attack: Do Not Open Documents Named '.RTF'
Microsoft says it's aware of attacks going on now, but there's no fix yet to stop the hackers. It's working on a way to stop the bug.
The only way to be sure your computer won't get infected is to not open a document with the ".rtf" extension until Microsoft says it's fine to do so.
This is the very worst kind of attack. A hacker that manages to get people to open the booby-trapped file can gain control of your computer. From there, the hacker can do all kinds of things. For instance, the hacker can turn your computer into a so-called "zombie" by putting it on an illegal "botnet." That means hackers can use your computer as part of a bigger network of computers to do all kinds of illegal things, like sending spam, spreading viruses, or committing fraud.
Even more scary is that the hack could work even in "preview" mode. That's where you don't actually open the file, but view it in an email instead. Outlook, for instance, lets you preview attachments.
Microsoft is currently recommending that you block all ".rtf" documents from your computer. It released a free tool which will set that up for you.
While ".rtf" files are not the default for Microsoft Word, (the default is ".docx" or ".doc"), this is not a strange or unusual type of document. RTF stands for "rich text format." For instance, it's the default file format used by TextEdit, the free word processing app that comes with a Mac.
If people tend to email you a lot of Word documents, and you don't want to block all .rtf documents, another good choice is to set up your email to be in text mode, recommends security blogger Paul Ducklin via the Sophos security blog. The downside: this can make formatted emails, like newsletters, more difficult to read.