Microsoft Left A Hole That Hackers Used To Infect Millions With Malware

McAfee jumps the gun on Microsoft Word zero-day

This represents the first malware distribution campaign exploiting the newly discovered Microsoft Word zero-day vulnerability.

McAfee and FireEye posted blogs revealing the attack, which, as these things so often do, starts with a malicious email attachment.

McAfee said "the attacker gains full code execution on the victim's machine".

As the means through which cyber-attackers stole more than £20m, it had been mentioned in 2015. The attack then downloads further malicious payloads from various "well-known malware families" and closes the original Word file that was weaponized for the attack. It even shows a fake Word document to hide the attack from the victim. The root cause lies in an important Office feature known as Object Linking and Embedding (OLE). The security researchers who discovered this vulnerability say that it differs from other Word exploits seen in the past because it does not require the user to enable macros.

A Microsoft spokesperson has confirmed that the company will offer a patch to rectify the issue, which will be available on Tuesday as part of the software giant's monthly release of updates. They further added, "In the background, the malware has already been furtively installed on the system of the victim".

McAfee told users not to open any Office files obtained from untrusted sources, especially from emails.

Security researchers at FireEye said that they also recently detected malicious Microsoft Office Rich Text Format (RTF) documents that leverage a previously undisclosed vulnerability.
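Because the reported documents are RTF files that rely on OLE, a mail or file-share triage step can flag RTF content that declares OLE objects before anyone opens it. The following is an added example, not code from McAfee, FireEye or Microsoft: the control-word names come from the RTF specification, the sample byte strings are constructed, and the result is a triage hint rather than a verdict on any specific vulnerability.

```python
import re

# RTF control words that declare OLE objects (names from the RTF specification).
LINK_WORDS = {"objlink", "objautlink"}   # object content lives outside the file
EMBED_WORDS = {"objemb", "objocx"}       # object content is stored in the file
OTHER_WORDS = {"object", "objdata", "objupdate"}
OLE_WORDS = LINK_WORDS | EMBED_WORDS | OTHER_WORDS

# One token per match: a control word with optional numeric parameter, or a
# control symbol such as \\ \{ \'hh. Consuming symbols keeps an escaped
# backslash followed by the text "object" from being read as \object.
TOKEN = re.compile(rb"\\([a-z]+)(-?\d+)?|\\[^a-z]")

# Constructed samples (no real document content).
SAMPLE_LINKED = rb"{\rtf1{\object\objlink\objupdate{\*\objclass Word.Document.8}{\*\objdata 0105}}}"
SAMPLE_PLAIN = rb"{\rtf1\ansi Hello \\object is just text\par}"
SAMPLE_NOT_RTF = b"PK\x03\x04 constructed zip-like header"


def scan_rtf(data: bytes) -> dict:
    """Triage one file: is it RTF, and which OLE control words does it carry?"""
    # Check content, not the extension: an attachment named .doc may be RTF.
    is_rtf = data.lstrip()[:5].lower() == b"{\\rtf"
    found = []
    if is_rtf:
        for m in TOKEN.finditer(data):
            word = (m.group(1) or b"").decode("ascii")
            if word in OLE_WORDS and word not in found:
                found.append(word)
    if any(w in LINK_WORDS for w in found):
        verdict = "review: linked OLE object"
    elif found:
        verdict = "review: embedded OLE object"
    else:
        verdict = "no OLE object found"
    return {"is_rtf": is_rtf, "ole_words": found, "verdict": verdict}


if __name__ == "__main__":
    for name, blob in [("linked", SAMPLE_LINKED), ("plain", SAMPLE_PLAIN),
                       ("not-rtf", SAMPLE_NOT_RTF)]:
        print(name, scan_rtf(blob))
```

The scan does not decode `\bin` data or heavily obfuscated RTF, so a "no OLE object found" result is not proof that a file is safe.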

A hole in Microsoft's defenses is bad enough in general, but malware that can infect users of every supported version of the MS Office products is just devastating. "As Microsoft Office is an extensively used productivity suite on Windows desktop computers, this actively attacked vulnerability poses a big concern", said Amol Sarwate, director of Engineering at Qualys, in an email sent to eWEEK.

McAfee said it identified the attacks on Thursday and chose to release its advisory immediately, which appeared late on Friday. Also, the attack cannot bypass Protected View in Word, so McAfee suggested enabling this view mode when opening documents just to be sure. An agreement was made to release information about the vulnerability only after a patch was devised. To enable Office Protected View in your application, launch Microsoft Word.
