Zero-Day Exploit for Microsoft Office Allows Infection By Opening a File - How to, Technology and PC Security Forum | SensorsTechForum.com
NEWS

Zero-Day Exploit for Microsoft Office Allows Infection By Opening a File

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Exploit and other threats.
Threats such as Exploit may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

An infection was discovered to even be able to exploit Windows 10 machines with latest updates, taking advantage of Mircosoft Office zero-day exploit.

News have appeared of a flaw which takes advantage of absolutely all versions of Microsoft Office software. The interesting part unlike many other zero-days previously detected is that this particular attack can be executed by simply opening a malicious document and not even having to enable macros or anything else to become a victim.

First revealed in public by researchers at McAfee, this exploit has also been confirmed by FireEye experts. Thankfully the flaw has been reported to have a patch developed for it, but it is yet to be released and updated on Windows systems.

According to researchers at McAfee, Windows Object Linking also known as OLE, a feature of the Microsoft Office software package, is directly related to the zero-day exploit which was discovered.

The exploit itself has been reported to be slithered via an RTF type of file (Rich Text) which has a malicious object embedded within it. The malicious object has embedded instructions within it to directly sent an HTTP request and hence establish a connection to a malicious command and control server, which is controlled by the hackers in question. From this HTTP request which is usually via an unsecured port, an .hta type of file is sent back to the infected computer, that pretends to be an RTF document.

From this .hta file which is actually an executable file, the malware may be fully activated on the corrupted device.

So far it is not known who has discovered this logical bug, as Microsoft has called it. However, it is clear that it may spread via e-mail attachments as an attachment accompanied to a deceiving message.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...