The Bat! Is Invulnerable To Attacks Via RWZ Files
A security researching company, Fortinet, discovered four vulnerabilities in Microsoft Outlook. All of them were resulting from the failure to properly handle objects in memory. These vulnerabilities allowed attackers to execute arbitrary code on a system through a specially crafted RWZ file. This way the attackers could gain full control over the victims’ systems. To perform the attack, it was required that a victim opened the malicious RWZ file in Outlook.
The Bat! is invulnerable to such attacks because it doesn’t automatically open attached files and does warn the users while opening certain file types or files with double extensions. Additionally, it blocks altogether opening files with extensions which were used to harm the operating system in the past.