Microsoft Word zero-day flaw 'used to infect millions'


FireEye security researchers also said that they had been aware of attacks exploiting the flaw for several weeks and had coordinated disclosure with Microsoft.

Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, now one of the most dangerous bank fraud threats on the Internet. Targets are sent a Microsoft Word document that contains HTML application content executed as an .hta file, giving the attackers the ability to execute code on the targeted machine. For documents downloaded from the web or received by email, the target has to click "Enable Editing" before this can happen, thanks to Microsoft Word's "Protected View" safety net.

"The exploit works on all Microsoft Office versions, including the latest Office 2016 running on Windows 10", McAfee said in an advisory, adding it has seen exploits being carried out since late January. "New, exploitable vulnerabilities are often not readily available but, in this case, attackers obviously jumped at an opportunity to launch a large campaign that relied on this new exploit", he said. In the hours leading up to Microsoft releasing the patch, researchers found attacks using the vulnerability to spread the Dridex banking Trojan. Until Microsoft releases its patch, the only way to avoid being infected through the bug is to avoid opening Microsoft Word email attachments.


In the meantime, McAfee has warned users not to open Microsoft Office files obtained from untrusted sources.

Finally, a remote code execution vulnerability has been fixed in the Microsoft .NET Framework.

The ultimate solution here is to install Microsoft's patch as soon as possible.


According to the researchers, a victim opening a suspicious Word file - embedded with an OLE2link object - in an email would trigger winword.exe to initiate an HTTP request to the attacker's remote server.
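A defensive check for the behaviour described above, given as an added example that is not from the researchers or from Microsoft: it lists linked OLE objects in a Word attachment whose target is a remote URL, without opening the file in Word. It assumes the attachment is an OOXML (.docx) package; legacy .doc and RTF files store links differently and are not covered. The function names, sample documents and the `files.example.invalid` host are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Namespace of the OPC relationship parts (*.rels) inside a .docx package.
REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
TYPE_BASE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"


def find_external_ole_links(docx_bytes):
    """Return (rels part, target) for each linked OLE object with a remote URL."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for name in zf.namelist():
            if not name.endswith(".rels"):
                continue
            # Assumption: a patched expat; use a hardened XML parser for hostile input.
            root = ET.fromstring(zf.read(name))
            for rel in root.iter(REL_NS + "Relationship"):
                if not rel.get("Type", "").endswith("/oleObject"):
                    continue  # hyperlinks, images, styles, ...
                if rel.get("TargetMode") != "External":
                    continue  # object stored inside the package
                target = rel.get("Target", "")
                if urlparse(target).scheme.lower() in ("http", "https"):
                    hits.append((name, target))
    return hits


def build_sample(relationship_xml):
    """Build a minimal constructed package holding one relationships part."""
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/'
            'package/2006/relationships">' + relationship_xml + "</Relationships>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()


# Constructed samples: one OLE object linked to a remote URL, one embedded locally.
LINKED = build_sample('<Relationship Id="rId1" Type="%s/oleObject" '
                      'Target="http://files.example.invalid/item" '
                      'TargetMode="External"/>' % TYPE_BASE)
EMBEDDED = build_sample('<Relationship Id="rId1" Type="%s/oleObject" '
                        'Target="embeddings/oleObject1.bin"/>' % TYPE_BASE)

if __name__ == "__main__":
    print(find_external_ole_links(LINKED))
    print(find_external_ole_links(EMBEDDED))
```

A hit is a reason to quarantine the attachment for analysis rather than proof of compromise, since linked objects also have legitimate uses.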

The vulnerability was first discovered by researchers at McAfee, who described the bug in more detail last Friday.

In both of the documents mentioned, the malicious script stopped the winword.exe process, downloaded extra payload(s), and loaded a fake document for the user to view. The flaw allows attackers to bypass the exploit mitigations in even the most recent version of Windows. However, the attack cannot bypass Protected View in Word, so McAfee suggested enabling this view mode when opening documents just to be sure.
