Attackers have been exploiting a zero-day vulnerability in Microsoft Word since January to infect computers with malware.
The attack entails a threat emailing a Microsoft Word document to a victim user with an installed OLE2link object.
Several research groups say the bug was being exploited as early as January to remotely install a spy program for carrying out espionage created by FinSpy, associated with Germany and UK-based "lawful intercept" firm, Gamma Group, which sells nearly exclusively to nation state hackers. The latter said it had shared the details of the Office security exploit with Microsoft and had been withholding details for the company to be able to deliver a patch before going public with the information. "According to our tests, this active attack can not bypass the Office Protected View, so we suggest everyone ensure that Office Protected View is enabled, said McAfee". It's not yet known if the use of Microsoft's Enhanced Mitigation Experience Toolkit prevents the malicious malware from working.
To mitigate the security flaw, users should download the most recent patch from Microsoft. It then executes it as a.hta file.
Longoria breaks up Pineda's perfect-game bid in 7th
Souza has been the Rays' best hitter so far and takes a.417 average into Monday - just in time for another trip to NY . NY built six new fan gathering areas in the stands, including two where there had been obstructed-view bleacher seats.
So, if you receive a shady email message asking you to download the document and open it immediately. In this case, it's a Word document that contains an embedded exploit. It's hard to excuse the silence given the scope of the exploit campaign reported by Proofpoint, which is now at least the third security company to publicly warn of the critical vulnerability since Friday. "Microsoft Office users are recommended to apply the patch as soon as it is available", FireEye writes regarding what to do to combat the malware.
The attack was capable of bypassing numerous mitigation systems built into Microsoft Office and Windows created to stop malicious files from executing. That means people should think carefully before editing or printing a received document or doing anything else that requires Protected View to be disabled.
In tests carried out by McAfee, Li said the attack can not bypass the Office Protected View.
In its bulletin, Microsoft said the security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.