Serious vulnerability in Microsoft Word is being used by hackers to install malware on computers
A zero day vulnerability in Microsoft Word is being exploited by hackers to install malware on Windows machines.
According to FireEye, "The attack involves an actor sending a Microsoft Word document that has embedded OLE2link to another user. When the user opens the document, winword.exe will issue an HTTP request to the remote server to retrieve a malicious .hta file, appear as a fake RTF file. Microsoft HTA application downloads and executes malicious code In both observed documents, malicious script has stopped the process of winword .exe, download additional payloads and load another document to "lure" the user. The initial winword.exe process is terminated to hide the message prompting the user to be created from OLE2link " .
Microsoft said it has detected this vulnerability since January 2017 but has not given any advice to enhance security or release a patch. According to MCAfee, "this vulnerability works on all Microsoft Office versions including the latest Office 2016 running on Windows 10. The latest attack was discovered in January . "
Proofpoint, another security company, discovered "this vulnerability is used in a large email campaign to distribute Dridex trojans (a malicious code that can steal personal information when making banking transactions." online. "This campaign has been sent to millions of recipients from major Australian organizations . "
If you are using Microsoft Word, please pay attention to MCAfee's advice: Do not open any Office files sent from strangers, unreliable and this type of attack does not pass Office Protected View so please sure this feature is turned on.
To open a document in Protected View mode, follow these steps:
- Click File> Open
- On the Open dialog box, click the arrow next to the Open button
- From the drop-down list, select Open in Protected View
Finally, as soon as Microsoft updates the patch, you must also update your office suite.
You should read it
- Instructions to turn off Protected View feature in Office 2013
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft: Should run Word in safe mode
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Disable the Protected View feature in Word
- What is Protected View? Turn on and off the Protected View feature in Office 2016
- Ways to remove the Read only message in Word
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- Vulnerability in Microsoft Outlook makes users believe in phishing emails
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- How to fix errors for ACL and SAM vulnerabilities on Windows
Maybe you are interested
9 Tips and Tricks to Get the Most Out of Microsoft Clipchamp
Looking Back at Microsoft Edge in 2024: The Impressive Numbers
A look at Windows 10 and 11 features Microsoft has removed or stopped supporting in 2024
What is Microsoft Azure Certification?
Cybercriminals are using Microsoft Teams calls to commit fraud
Microsoft officially supports sharing files from iPhone to Windows using Phone Link application