We are currently blocking our users from opening .rtf files in response to security advisory MS14-017 via Group Policy.
The April updates provide a patch to protect against this vulnerability – KB2863910.
Looking at WSUS I note that all of our client machines show “Not applicable” against this update, despite the majority of them running Office 365 ProPlus 32 Bit.
To test this, I manually downloaded the update and attempted to apply it on a Win 7 desktop with Office installed. The patch reported that no applicable software was installed.
My question is thus: Is the Office 365 ProPlus version of Word affected by the vulnerability, and if so, when will a patch be available for this product?
Detail – this particular installation reports itself as Microsoft Word 2013 (15.0.4605.1001) MSO (15.0.4605.1002) 32 Bit, Part of Office ProPlus.