Microsoft Word zero-day flaw 'used to infect millions'

Microsoft Word zero-day flaw 'used to infect millions'

FireEye security researchers also said that they were aware of all these attacks that have exploited for several weeks and have synchronized disclosure with Microsoft.

Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, now one of the most unsafe bank fraud threats on the Internet. Targets are sent a Microsoft Word document that contains HTML application content executed as an.hta file, giving the attackers the ability to execute code on the targeted machine. They would have to click on "Enable Editing" before this can be done thanks to Microsoft Word's "Protected View" safety net for documents downloaded from the web or emails.

"The exploit works on all Microsoft Office versions, including the latest Office 2016 running on Windows 10", McAfee said in an advisory, adding it has seen exploits being carried out since late January. "New, exploitable vulnerabilities are often not readily available but, in this case, attackers obviously jumped at an opportunity to launch a large campaign that relied on this new exploit", he said. In the hours leading up to Microsoft releasing the patch, researchers found attacks using the vulnerability to spread the Dridex banking Trojan. Until Microsoft releases its patch, the only way to avoid being infected by the bug is to avoid email attachments from Microsoft Word.

Hungary's president signs bill aimed at Soros-founded school
Yee said "the United States does not engage in such agreements about. how universities are going to be run in foreign countries". The US State Department has expressed its concerns about the legislation and the CEU's ability to continue operating in Hungary.

In the meantime, McAfee has warned users not to open Microsoft Office files obtained from untrusted sources.

Finally, a remote code execution vulnerability has been fixed in the Microsoft.NET Framework.

The ultimate solution here is to install Microsoft's patch as soon as possible.

Akzo's Battle With PPG Escalates Amid Push to Oust Chairman
Akzo rejected a pair of offers handed in by PPG, but a number of shareholders, including Elliott are in favor of the bid. Akzo Nobel's director of investor relations Lloyd Midwinter was mistakenly included as one of the addressees.

According to the researchers, a victim opening a suspicious Word file - embedded with an OLE2link object - in an email would trigger winword.exe to initiate an HTTP request to the attacker's remote server.

The vulnerability was first discovered by researchers at McAfee, who detailed the bug in more detail last Friday.

In both mentioned documents the malicious script stopped the winword.exe process, downloaded extra payload (s), and burdened a fake document for the user to view. The flaw allows attackers to bypass the exploit mitigations in even the most recent version of Windows. Also, the attack can not bypass the Protected View in Word, so McAfee suggested enabling this view mode when opening documents just to be sure.

Trump says North Atlantic Treaty Organisation 'no longer obsolete'
He also gave credit to Trump for bringing the issue into focus. "It's very bad for this world", Trump told Fox Business News. Trump says China's long history with North Korea complicates China's ability to crack down on the North's nuclear program.

Share

Related News

  • Gas prices will rise this summer but should remain low

    Gas prices will rise this summer but should remain low

    The price per gallon rose 5.7 cents during the past week to an average of $2.10, according to gas price service GasBuddy . The national average is at its highest price this year and has now increased for 13 of the last 14 days.
    'Only time will tell' on improving US-China trade

    'Only time will tell' on improving US-China trade

    But he warned that Pyongyang must halt its provocative nuclear and ballistic-missile testing before diplomatic talks can begin. Walker said he was eager to tell Xi about the abundance of Alaska's resource development opportunities.
    Kate Middleton Visits Sister Pippa To Help With Wedding Preparations

    Kate Middleton Visits Sister Pippa To Help With Wedding Preparations

    Some say it's because Vogue's relationship with Pippa's future brother-in-law, Spencer Matthews, is so new. Kate looked chic and elegant on her floral print dress, which she matched with a pair of black heels.
  • Baker praises 10-day DL change after Nats shelve Turner

    Baker praises 10-day DL change after Nats shelve Turner

    We're officially a week into the Major League Baseball season, and the injury bug has already bitten the Washington Nationals. Drew started Sunday's game, although the decision on who will get the daily start will likely be a game-by-game basis.

    Xi stops in Alaska on way back to China

    Trump has accused China of "raping" the USA and argued that it has engaged in trade abuses to gain an advantage over the US. A sound bilateral relationship will benefit not only the two countries and peoples, but also the world at large, he said.

    Fox investigating sexual harassment claim against O'Reilly

    He said people like him are "vulnerable to lawsuits" from individuals who wants him to pay them to avoid negative publicity. Walsh and her lawyer had a two-hour interview over the phone with four lawyers representing Fox News.
  • Iran's Ahmadinejad registers to run for president

    Ahmadinejad's populist approach and humble roots mean that he remains a popular figure among poorer sections of society. When asked why he had consistently denied intending to run in recent months, the former president reacted with a smile.
    Rouhani: Terrorists are applauding Trump for attack on Syria

    Rouhani: Terrorists are applauding Trump for attack on Syria

    The news agency reported that during the Friday phone call, the Saudi monarch congratulated Trump for his "courageous decision". The Iranian president added that the Islamic Republic of Iran condemns the use of chemical weapons regardless of who uses them.
    Trump explained US position on THAAD to Xi: South Korea

    Trump explained US position on THAAD to Xi: South Korea

    Trump accepted Xi's invitation to China later this year, state news agency Xinhua news agency cited officials as saying yesterday. North Korea marks several major anniversaries this month and often marks the occasions with major tests of military hardware.
  • Apple quietly launches special edition red iPhone 7

    Apple quietly launches special edition red iPhone 7

    Anyone who wants to learn the basics or go further with their new iPad can register for a free workshop at any Apple Store®. In addition, it has a very good 12.2-megapixel camera that can record video in slow motion, as well in Ultra HD (2160x3840).

    A long, tearful road to a major for Sergio Garcia

    A year later, Harrington rallied from three down to Garcia on the back nine and beat him at Oakland Hills in the PGA Championship. So it did cross my mind. "Everybody that is around me is helping me, making me not only a better golfer but a better person".

    Canada commemorates the centenary of the Vimy WWI battle

    Charles, the heir to the throne, said the Canadians succeeded where other armies had failed in seizing the high ground at Vimy. The battle of Vimy Ridge was the biggest singled allied advance on the western front up till that point in World War I.