Risky bank fraud exploiting huge hole in Microsoft Word

Attackers have been exploiting a zero-day vulnerability in Microsoft Word since January to infect computers with malware.

The attack entails a threat actor emailing a victim a Microsoft Word document that contains an OLE2link object.
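A defender can triage suspect attachments for the OLE2link object described above. The following is an added example, not code from the article or from any vendor named in it. It assumes the document is either an RTF file, where object data is hex-encoded after `\objdata`, or a binary file that stores the class name as ASCII or UTF-16LE; the function names and the sample are constructed for illustration.

```python
import re

# Class name of the linked object, as ASCII and as UTF-16LE (lower-cased).
MARKERS = (b"ole2link", "ole2link".encode("utf-16le"))
# RTF stores embedded object bytes as hex digits, often wrapped across lines.
OBJDATA_RE = re.compile(rb"\\objdata\s*([0-9a-fA-F\s]+)")
# http(s) URLs stored as ASCII or UTF-16LE (optional NUL after each byte).
URL_RE = re.compile(
    rb"h\x00?t\x00?t\x00?p\x00?(?:s\x00?)?:\x00?/\x00?/\x00?(?:[\x21-\x7e]\x00?)+"
)

def decoded_views(data):
    """Yield the raw bytes, then every hex-decoded RTF \\objdata blob."""
    yield data
    for match in OBJDATA_RE.finditer(data):
        digits = re.sub(rb"\s+", b"", match.group(1))
        digits = digits[: len(digits) // 2 * 2]  # drop a dangling half byte
        yield bytes.fromhex(digits.decode("ascii"))

def triage(data):
    """Report whether an OLE2Link object is present and which URLs it holds."""
    found, urls = False, []
    for view in decoded_views(data):
        if not any(marker in view.lower() for marker in MARKERS):
            continue
        found = True
        for raw in URL_RE.findall(view):
            url = raw.replace(b"\x00", b"").decode("ascii")
            if url not in urls:
                urls.append(url)
    return {"ole2link": found, "urls": urls}

def constructed_sample():
    """Inert, constructed RTF fragment: a marker plus a placeholder URL."""
    blob = (b"\x01\x05\x00\x00OLE2Link\x00"
            + "http://example.invalid/doc".encode("utf-16le") + b"\x00\x00")
    digits = blob.hex()
    wrapped = "\n".join(digits[i:i + 32] for i in range(0, len(digits), 32))
    return ("{\\rtf1{\\object{\\*\\objdata " + wrapped + "}}}").encode("ascii")

if __name__ == "__main__":
    print(triage(constructed_sample()))
    print(triage(b"{\\rtf1 Plain text only}"))
```

A hit is a reason to quarantine the file and review the listed URLs, not proof of an exploit, since legitimate documents can also contain linked objects.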

It affects all current Office versions used on every Windows operating system, including the latest Office 2016 running on Windows 10.

Several research groups say the bug was being exploited as early as January to remotely install a spy program for carrying out espionage created by FinSpy, which is associated with the Germany- and UK-based "lawful intercept" firm Gamma Group, which sells nearly exclusively to nation state hackers. The latter said it had shared the details of the Office security exploit with Microsoft and had been withholding them so that the company could deliver a patch before the information went public. "According to our tests, this active attack cannot bypass the Office Protected View, so we suggest everyone ensure that Office Protected View is enabled," said McAfee. It's not yet known whether Microsoft's Enhanced Mitigation Experience Toolkit prevents the malware from working.

To mitigate the security flaw, users should download the most recent patch from Microsoft. It then executes it as a .hta file.

Security firms FireEye and McAfee have now found another attack technique, one that relies on Windows Object Linking and Embedding (OLE).

So, if you receive a shady email message asking you to download the document and open it immediately. In this case, it's a Word document that contains an embedded exploit. It's hard to excuse the silence given the scope of the exploit campaign reported by Proofpoint, which is now at least the third security company to publicly warn of the critical vulnerability since Friday. "Microsoft Office users are recommended to apply the patch as soon as it is available", FireEye writes regarding what to do to combat the malware.

The attack was capable of bypassing numerous mitigation systems built into Microsoft Office and Windows that are designed to stop malicious files from executing. That means people should think carefully before editing or printing a received document or doing anything else that requires Protected View to be disabled.

In tests carried out by McAfee, Li said the attack cannot bypass Office Protected View.

In its bulletin, Microsoft said the security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file.
