Microsoft office 2016 | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the ' Online Video ' option in Word documents, a feature that allows users to embedded an online video with a link to YouTube, as shown. When a user adds an online video link to an MS Word document, the Online Video feature automatically generates an HTML embed script, which is executed when the thumbnail inside the document is clicked by the viewer. Researchers decided to go public with their findings three months after Microsoft refused to acknowledge the reported issue as a security vulnerability. How Does the New MS Word Attack Works? Since the Word Doc files (.docx) are actually zip packages of its media and configuration files, it can easily be opened and edited. Acco...

Earlier this year, Microsoft had announced to bring its Office 2016 soon to the world. Also, Office 2016 software version for Mac was released in July 2015. Now speculations gearing up are hinting towards a final release date of Office 2016 for Windows as 22nd September 2015. Though, for Window users it may not be quite a change, because in the new Office suite as compared to its predecessor Office 2013 no such major improvements are visible. Office 2016 for Windows is supposedly debuting in less than a month away and will be available for home and professional users initially. Improvements in Office 2016 Office 2016 is going to be more colorful, with bright and dark colored theme options. Also, this time Microsoft has made it pretty clear that people are required to have Office 365 subscriptions because this time Microsoft is going to send new updates of Office along with the updates of Office 365. Mostly, modifications are done in the Outlook applicat...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...