Hackers are attacking Word users with new Microsoft Office zero-day vulnerability

This was one was discovered Friday by the folks over at McAfee. It does not rely on Macros to execute (that's some damn fine engineering). The bug affects all supported versions of Microsoft Word but will be fixed this week. We'll see.

Attackers are exploiting a previously undisclosed vulnerability in Microsoft Word, which security researchers say can be used to quietly install different kinds of malware -- even on fully-patched computers.

Unlike most document-related vulnerabilities, this zero-day bug that has yet to be patched doesn't rely on macros -- in which Office typically warns users of risks when opening macro-enabled files.

Instead, the vulnerability triggered when a victim opens a trick Word document, which downloads a malicious HTML application from a server, disguised to look like a Rich Text document file as a decoy. The HTML application meanwhile downloads and runs a malicious script that can be used to stealthily install malware.

Researchers at McAfee, who first reported the discovery on Friday, said because the HTML application is executable, the attacker can run code on the affected computer while evading memory-based mitigations designed to prevent these kinds of attacks. 

Read more - click here.

Last modified on Monday, 10 April 2017 12:04

Da Boss!

Website: www.digitalsmind.com Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • iOS 11 is causing massive battery drain problems
    Written by

    Da Boss!

    iOS 11 is causing massive battery drain problems Sometimes, it's a good thing to just wait for the…
    Read more...
  • Meth found in 7-Up in Mexico
    Written by

    Da Boss!

    Meth found in 7-Up in Mexico Meth in 7-Up. What's next? 
    Read more...
  • ASUS B250 Mining Expert LGA 1151 Motherboard - supports up to 16x GPU, Mining Mode BIOS Optimization
    Written by

    Da Boss!

    ASUS B250 Mining Expert LGA 1151 Motherboard - supports up to 16x GPU, Mining Mode BIOS Optimization Ya know, if I was that into Mining I would…
  • CCleaner for Windows "Hacked" - Hackers Hid Backdoor
    Written by

    Da Boss!

    CCleaner for Windows "Hacked" - Hackers Hid Backdoor Welp...I'm s****! I use CCleaner all the time. So much…
    Read more...
  • Introducing Project “Honolulu”, our new Windows Server management experience
    Written by

    Da Boss!

    Introducing Project “Honolulu”, our new Windows Server management experience This looks pretty cool! I could see myself using it.
    Read more...

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.