Back in September, Microsoft released a patch to prevent attackers from executing malicious code embedded in a Word document that downloads a Microsoft Cabinet (CAB) archive containing a malicious executable. By reworking the original exploit and placing the malicious Word document inside a special crafted RAR archive, the attackers created a “CAB-less” form of the exploit capable of successfully evading the original patch.