As it's described here, recently I discovered a potential RTF-related zero-day in Windows/Office at my daily work. This is really an interesting study for me, thus I took some of my free time digging more on the weekend - specifically, my goal was to find a real-world exploitation example to show how bad guys can really take advantage of this problem. I didn't go too far on this, after reviewing various environments on my computers, I've found the Java update program is a good example.
more here...............http://justhaifei1.blogspot.com/2014/08/demonstration-of-windowsoffice-insecure.html
more here...............http://justhaifei1.blogspot.com/2014/08/demonstration-of-windowsoffice-insecure.html