Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Serious vulnerability in Microsoft Word is being used by hackers to install malware on computers
A zero day vulnerability in Microsoft Word is being exploited by hackers to install malware on Windows machines.
According to FireEye, "The attack involves an actor sending a Microsoft Word document that has embedded OLE2link to another user. When the user opens the document, winword.exe will issue an HTTP request to the remote server to retrieve a malicious .hta file, appear as a fake RTF file. Microsoft HTA application downloads and executes malicious code In both observed documents, malicious script has stopped the process of winword .exe, download additional payloads and load another document to "lure" the user. The initial winword.exe process is terminated to hide the message prompting the user to be created from OLE2link " .
Microsoft said it has detected this vulnerability since January 2017 but has not given any advice to enhance security or release a patch. According to MCAfee, "this vulnerability works on all Microsoft Office versions including the latest Office 2016 running on Windows 10. The latest attack was discovered in January . "
Serious vulnerability in Microsoft Word is being used by hackers to install malware on computers Picture 1
Proofpoint, another security company, discovered "this vulnerability is used in a large email campaign to distribute Dridex trojans (a malicious code that can steal personal information when making banking transactions." online. "This campaign has been sent to millions of recipients from major Australian organizations . "
If you are using Microsoft Word, please pay attention to MCAfee's advice: Do not open any Office files sent from strangers, unreliable and this type of attack does not pass Office Protected View so please sure this feature is turned on.
To open a document in Protected View mode, follow these steps:
- Click File> Open
- On the Open dialog box, click the arrow next to the Open button
- From the drop-down list, select Open in Protected View
Finally, as soon as Microsoft updates the patch, you must also update your office suite.
Samuel DanielYou should read it
- Instructions to turn off Protected View feature in Office 2013
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft: Should run Word in safe mode
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Disable the Protected View feature in Word
- What is Protected View? Turn on and off the Protected View feature in Office 2016
- Ways to remove the Read only message in Word
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- Vulnerability in Microsoft Outlook makes users believe in phishing emails
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- Microsoft fixes a serious vulnerability that has existed for 17 years in Windows Server
- How to fix errors for ACL and SAM vulnerabilities on Windows
Maybe you are interested
Microsoft's official Windows 11 virtual machine is no longer available
How to remove Microsoft Edge on Windows 11
Microsoft makes major improvements to Windows Update, updates will be installed much faster
Microsoft Word or Google Docs is better for you?
Distinguishing Microsoft 365 and Office 2024
Microsoft's foldable smartphone won't have a crease
Tech info
Russian new robots can shoot themselves with two hands like humans- Take a look at the old Casio electronic watch, which is 'more' with new and modern features!
- How to register for 4G Viettel package
- Google changed the search ranking algorithm, limiting the display of fake news
- Do you know the meaning of the 'S' sign on Samsung Galaxy?
- 7 useful features of smartphones you may not know how to use
Russian new robots can shoot themselves with two hands like humans
Take a look at the old Casio electronic watch, which is 'more' with new and modern features!
How to register for 4G Viettel package
Google changed the search ranking algorithm, limiting the display of fake news
Do you know the meaning of the 'S' sign on Samsung Galaxy?
7 useful features of smartphones you may not know how to use