Serious vulnerability in Microsoft Word is being used by hackers to install malware on computers
A zero day vulnerability in Microsoft Word is being exploited by hackers to install malware on Windows machines.
According to FireEye, "The attack involves an actor sending a Microsoft Word document that has embedded OLE2link to another user. When the user opens the document, winword.exe will issue an HTTP request to the remote server to retrieve a malicious .hta file, appear as a fake RTF file. Microsoft HTA application downloads and executes malicious code In both observed documents, malicious script has stopped the process of winword .exe, download additional payloads and load another document to "lure" the user. The initial winword.exe process is terminated to hide the message prompting the user to be created from OLE2link " .
Microsoft said it has detected this vulnerability since January 2017 but has not given any advice to enhance security or release a patch. According to MCAfee, "this vulnerability works on all Microsoft Office versions including the latest Office 2016 running on Windows 10. The latest attack was discovered in January . "
Proofpoint, another security company, discovered "this vulnerability is used in a large email campaign to distribute Dridex trojans (a malicious code that can steal personal information when making banking transactions." online. "This campaign has been sent to millions of recipients from major Australian organizations . "
If you are using Microsoft Word, please pay attention to MCAfee's advice: Do not open any Office files sent from strangers, unreliable and this type of attack does not pass Office Protected View so please sure this feature is turned on.
To open a document in Protected View mode, follow these steps:
- Click File> Open
- On the Open dialog box, click the arrow next to the Open button
- From the drop-down list, select Open in Protected View
Finally, as soon as Microsoft updates the patch, you must also update your office suite.
You should read it
- Microsoft: Should run Word in safe mode
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Disable the Protected View feature in Word
- What is Protected View? Turn on and off the Protected View feature in Office 2016
- Ways to remove the Read only message in Word
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- Vulnerability in Microsoft Outlook makes users believe in phishing emails
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
May be interested
- Russian new robots can shoot themselves with two hands like humansfedor, the famous russian-style robot has been successfully equipped with a special skill ... shooting itself without any robots in the world, to contribute to the mission to set foot on the moon in the year. 2021.
- Take a look at the old Casio electronic watch, which is 'more' with new and modern features!let's take a look at the old casio electronic clock, which adds new and modern features below!
- How to register for 4G Viettel packageviettel has introduced 4g service packages to users. accordingly, users will subscribe to a wedding package of 40,000 vnd and will own 1 gb of access and 200 thousand vnd will be 10 gb.
- Google changed the search ranking algorithm, limiting the display of fake newssee how google changes the search ranking algorithm, limiting the display of fake news!
- Do you know the meaning of the 'S' sign on Samsung Galaxy?have you ever wondered what the s sign of samsung galaxy smartphones meant? let's tipsmake.com find out!
- 7 useful features of smartphones you may not know how to uselet's tipsmake.com refer to 7 useful features of smart phones you may not know to use below!