Metasploit: office_word_htaNovember 21, 2025Malware Analysis Windows RTF CVE-2017-0199 HTA RtfobjA malicious RTF document exploits CVE-2017-0199 via an embedded OLE2Link object to fetch and execute a remote HTA payload from an attacker-controlled server.