Microsoft Patches Major Security Flaw In Microsoft Word Used To Spread Malware

Microsoft fixed a major security flaw in Microsoft Office that made the program vulnerable to malware that could steal banking credentials.

Microsoft released a patch Tuesday that fixed a zero-day vulnerability in Microsoft Word that left the popular word processor susceptible to attacks.

According to the patch, released as part of Microsoft’s typical Tuesday software updates, the computing giant resolved an issue that “could allow remote code execution if a user opens a specially crafted Office file.”

The vulnerability was first spotted late last week by security researchers at McAfee, who found the zero-day—a term for an unknown security vulnerability that has yet to be fixed—was being exploited by a spam-driven attack and used to spread malware.

Researchers who spotted the security flaw said attackers were able to exploit the vulnerability through a massive spam campaign that used emails designed to look like they came from Microsoft. Attached to the emails was a Microsoft Word document containing malicious attachments.

The spam messages often came from spoofed domains and contained terms like “copier”, “documents”, “noreply”, “no-reply” or “scanner”. The subject line in the attacks contained the term “Scan Data” and included attachments named “Scan_123456.doc” or “Scan_123456.pdf” with randomly generated numbers.
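
A mail-filter check built from the indicators listed above, as an added example that is not part of the original article. It assumes the listed terms appear in the local part of the From address; the function names, addresses and sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Indicators taken from the campaign description in the article.
SENDER_TERMS = ("copier", "documents", "noreply", "no-reply", "scanner")
SUBJECT_TERM = "scan data"
ATTACHMENT_RE = re.compile(r"^Scan_\d+\.(doc|pdf)$", re.IGNORECASE)

def campaign_indicators(raw_message):
    """Return which of the article's indicators a raw message matches."""
    msg = message_from_string(raw_message)
    hits = []
    # Assumption: the listed terms show up in the local part of the sender.
    _, addr = parseaddr(msg.get("From", ""))
    local_part = addr.split("@")[0].lower()
    if any(term in local_part for term in SENDER_TERMS):
        hits.append("sender")
    if SUBJECT_TERM in (msg.get("Subject") or "").lower():
        hits.append("subject")
    # Walk every MIME part and compare attachment names to Scan_<digits>.doc/.pdf.
    for part in msg.walk():
        name = part.get_filename()
        if name and ATTACHMENT_RE.match(name.strip()):
            hits.append("attachment")
            break
    return hits

def is_suspect(raw_message, threshold=2):
    """Flag only when several indicators agree; 'noreply' alone is common in benign mail."""
    return len(campaign_indicators(raw_message)) >= threshold

def build_sample(sender, subject, filename):
    """Build a constructed test message with one placeholder attachment."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "user@example.com", subject
    m.set_content("See attached.")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()

# Constructed samples: one shaped like the campaign, one ordinary, one partial match.
SAMPLE_SPAM = build_sample("scanner@example.org", "Scan Data", "Scan_123456.doc")
SAMPLE_BENIGN = build_sample("alice@example.org", "Meeting notes", "notes.doc")
SAMPLE_PARTIAL = build_sample("noreply@example.org", "Your receipt", "receipt.pdf")

if __name__ == "__main__":
    for label, raw in (("spam", SAMPLE_SPAM), ("benign", SAMPLE_BENIGN), ("partial", SAMPLE_PARTIAL)):
        print(label, campaign_indicators(raw), is_suspect(raw))
```
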

The attack was capable of bypassing many of the mitigation systems built into Microsoft Office and Windows designed to stop malicious files from executing. In a test of the attack, security firm Proofpoint found the exploit only required the user to attempt to open the document. Once Microsoft Office launched in an attempt to read the file, the system would be infected.

When successful, the attack would lead to the installation of Dridex, a particularly notorious malware strain known for targeting and stealing a user’s banking credentials.

The zero-day vulnerability affects multiple versions of Microsoft Office, including the most recent edition of Office 2016 running on Windows 10.

How To Protect Yourself From The Attack

To mitigate the security flaw, users should download the most recent patch from Microsoft. The company notes users “must have the release version of Service Pack 2 for Office 2010 installed on the computer” to apply the security update.

Security experts also recommend blocking RTF documents in Microsoft Word. To do so, click the File tab, then click Options. Click Trust Center, then open Trust Center Settings. In the Trust Center, click File Block Settings. Check the box next to “RTF” to ensure that type of file cannot be opened by Microsoft Office.