Microsoft addresses recently discovered vulnerability
Microsoft has released software patches for the ‘zero-day’ exploit targeted at their Word program.
The flaw discovered in many versions of Microsoft Word for Windows could allow malicious software to be installed, according to cybersecurity researchers.
On 10th April, cybersecurity firm Proofpoint announced it had discovered an email campaign targeting the bug that aimed to distribute Dridex malware. Dridex is designed to infect a victim’s computer and steal banking credentials. In 2015, it was named as the means by which scammers stole more than £20m from British bank accounts.
On Tuesday Microsoft released a patch for the Word zero-day vulnerability exploited by scammers trying to steal banking logins.
“Customers who have updates enabled will be protected automatically,” said a Microsoft spokesman.
In its bulletin, Microsoft said the security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. Microsoft said: “This security update disables certain graphics filters.”
Proofpoint also urged Microsoft Word users to install the security updates quickly.
“Because of the widespread effectiveness and rapid weaponisation of this exploit, it is critical that users and organisations apply the patch as soon as it becomes available,” the firm said.
On unpatched systems, the vulnerability is triggered by opening a document that produces a standard-looking download warning, followed by a download from a malicious server that sends the system a document containing a malicious script. Word accepts and runs the script without any warning.
The issue affects all current Office versions used on every Windows operating system, including the latest Office 2016 running on Windows 10.
Microsoft did not confirm whether Mac versions of Word were also affected.
- Install all available Microsoft Office updates as soon as possible and ensure that the software is kept up to date.
- Enable the Office Protected View feature.
- Always beware of phishing emails, and of clicking malicious links or attachments – even if the email appears to be from someone you know.
- Do not open or download any suspicious Word files that arrive in an email – if you don’t know the person who sent it, don’t open it.
- Always keep your system's antimalware and antivirus software up to date.