This article was published on April 10, 2017

Microsoft Office vulnerability lets hackers use Word files to install malware


Microsoft Office vulnerability lets hackers use Word files to install malware

You might want to be extra careful about what files you open in Word over the next few days: Attackers are exploiting a previously undisclosed vulnerability in Microsoft Office to sneak malware into your system.

The zero-day bug fundamentally relies on infected Word documents, which then download malicious HTML applications disguised as make-belief Rich Text files. Once executed, the HTML application connects to a remote server and runs a custom script designed to stealthily install malware.

What is particularly worrying is that unlike regular macro hacks – which Office generally warns against when opening macro-enabled documents – the attack vector makes it difficult to prevent potential attacks.

The vulnerability was first discovered by researchers at McAfee, who detailed the bug in more detail last Friday. Since then, fellow cybersecurity firm FireEye published another blog about the same vulnerability, informing it had been withholding disclosure until Microsoft has had a chance to fix the glitch.

The <3 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Both companies, however, indicate that the issue has to do with the Windows Object Linking and Embedding (OLE) function, which has been exploited on a number of occasions over the past few years.

The vulnerability affects all versions of Office, including the latest Office 2016 for Windows 10, according to the researchers.

Fortunately, a Microsoft spokesperson has confirmed the tech giant will eliminate the issue with the release of its upcoming monthly update later on Tuesday, April 11.

Until then, McAfee advises users to only run Office in Protected View mode as well as to refrain from opening “any Office files obtained from untrusted locations.”

Update: Microsoft has since released a patch that eliminates the vulnerability. Make sure you update your Windows system to the latest version to avoid risk of getting hacked.

via ZDNet

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with