Author Topic: Major zero-day flaw found in Microsoft Word  (Read 18 times)

0 Members and 1 Guest are viewing this topic.

Offline Scarlett

  • Updates Moderator
  • *
  • Posts: 22996
Major zero-day flaw found in Microsoft Word
« Reply #1 on: April 12, 2017, 10:59:19 PM »
Major zero-day flaw found in Microsoft Word
12 April 2017, 9:05 pm



McAfee security researchers are warning of a new zero-day vulnerability in Microsoft Word being exploited via attached .rtf files since at least January.

The exploit allows a Word document to install malware onto your PC without you ever knowing it, giving the attackers full access to your machine. According to McAfee, the exploit works by connecting to a remote server controlled by the hackers, which will download a file that runs as a .hta file, a dynamic HTML file that is used in Word. 

Security firm FireEye also noted similar malicious .rtf files in its own alert. Both firms say the flaws are within Microsoft's Object Linking and Embedding (OLE) technology and affects all versions of Office, including Office 2016 for Windows 10.

To read this article in full or to leave a comment, please click here



Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks