A new so-called zero-day exploit was discovered in Microsoft Office. It was discovered by two cyber security companies, FireEye and McAfee.
The exploit was allowing hackers to download and install malware on user’s device, and the exploit has yet to be patched. The attack would work on all of the Office versions, including Excel, Word, and PowerPoint. The attacks that have used this flaw were first detected back in January 2017, and Microsoft was contacted and notified.
According to them, Office versions are being used by more than 1.2 billion people. The patch is supposed to be issued on Tuesday, the same day when Windows 10 Creators Update is supposed to be launched.
Still, until the update is issued, Microsoft has advised its users to be extra careful and practice safe computing habits. Emails from unknown contacts are an especially dangerous thing, and that, as well as downloading unknown content is something that should be very careful about.
What you should be most careful about is downloading Word files that have arrived via email.
This is especially dangerous since the hackers have already shown the strategy that includes masking malware as important files or documents, that start their work as soon as you download and run them. The malware will start its work in the background, and it will immediately connect to the attacker’s server. That connection will then be used by the hacker for sending more malware to your device, and all of this will be going on quietly, in the background. The victims of this attack don’t even know that they’re under attack until it’s too late and their device is infected.
The hackers have even tried sending spam emails in which they pretend to be tax officers, and claim that the Word document is a tax report that you should immediately see. In other words, even your finances might be at stake, if you fall for their tricks.
Even though you’re safe as long as you don’t download files and docs that come to you via email, we understand that some of you have to do so, since it might be closely connected to your jobs or alike. That’s why the researchers have been looking for a temporary solution, and they’ve found one. McAfee has discovered that the attack can’t be triggered if the document is opened in Office’s protected view.
Researchers have noted that the attack is pretty sneaky and relies on stealth a lot, which is why the malware even opens a new Word document after its process has ended. It’s been discovered that this vulnerability in all of the Office versions comes from Windows Object Linking and Embedding feature. Security company FireEye is working with Microsoft in order to find the best way to fix the flaw.