The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: Microsoft office

Unpatched Microsoft Word Flaw is Being Used to Spread Dridex Banking Trojan

Unpatched Microsoft Word Flaw is Being Used to Spread Dridex Banking Trojan

April 11, 2017Swati Khandelwal
If you are a regular reader of The Hacker News, you might be aware of an ongoing cyber attack — detected in the wild by McAfee and FireEye — that silently installs malware on fully-patched computers by exploiting an unpatched Microsoft Word vulnerability in all current versions of Microsoft Office. Now, according to security firm Proofpoint, the operators of the Dridex malware started exploiting the unpatched Microsoft Word vulnerability to spread a version of their infamous Dridex banking trojan . Dridex is currently one of the most dangerous banking trojans on the Internet that exhibits the typical behavior of monitoring a victim's traffic to bank sites by infiltrating PCs and stealing victim's online banking credentials and financial data. The Dridex actors usually relied on macro-laden Word files to distribute the malware through spam messages or emails. However, this is the first time when researchers found the Dridex operators using an unpatched zero-day flaw
Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild

Beware of an Unpatched Microsoft Word 0-Day Flaw being Exploited in the Wild

April 09, 2017Swati Khandelwal
It's 2017, and opening a simple MS Word file could compromise your system. Security researchers are warning of a new in-the-wild attack that silently installs malware on fully-patched computers by exploiting a serious — and yet unpatched — zero-day vulnerability in all current versions of Microsoft Office. The Microsoft Office zero-day attack, uncovered by researchers from security firms McAfee and FireEye, starts simply with an email that attaches a malicious Word file containing a booby-trapped OLE2link object. When opened, the exploit code gets executed and makes a connection to a remote server controlled by the attacker, from where it downloads a malicious HTML application file (HTA) that's disguised as a document created in Microsoft's RTF (Rich Text Format). The HTA file then gets executed automatically with attackers gaining full code execution on the victim's machine, downloading additional payloads from "different well-known malware families"
Microsoft releases tons of Security Updates to patch 44 vulnerabilities

Microsoft releases tons of Security Updates to patch 44 vulnerabilities

June 15, 2016Swati Khandelwal
Microsoft has released 16 security bulletins on Tuesday resolving a total of 44 security holes in its software, including Windows, Office, Exchange Server, Internet Explorer and Edge. Five bulletins have been rated "critical" that could be used to carry out remote code execution and affected: Windows, Internet Explorer (IE), Edge (the new, improved IE), Microsoft Office and Office services; and the remaining 11 are marked important. One of the critical issues, MS16-071 that caused alarm bells to go off for many security experts involves a Use-After-Free bug (CVE-2016-3227), which affects Microsoft Windows Domain Name System (DNS) servers for Windows Server 2012 and 2012 R2. The vulnerability resides in the way servers handle requests. Attackers could send a specially crafted request to a DNS server and convinced it to run arbitrary code in the context of the Local System Account, Microsoft's advisory warns. Another critical vulnerability is addressed in MS16-070, which patc
Enable this New Setting to Secure your Computer from Macro-based Malware

Enable this New Setting to Secure your Computer from Macro-based Malware

March 31, 2016Unknown
Do you deal with MS Word files on the daily basis? If yes, then are you aware that even opening a simple doc file could compromise your system? It is a matter to think that the virus does not directly affect you, but it is you who let the virus carry out the attack by enabling deadly "Macros" to view the doc contents that are generally on eye-catching subjects like bank invoice. How Macros are Crippling your System? The concept of Macros dates back to 1990s. You must be familiar with this message: " Warning: This document contains macros. " A Macro is a series of commands and actions that help to automate some tasks. Microsoft Office programs support Macros written in Visual Basic for Applications (VBA), but they can also be used for malicious activities like installing malware. Hackers are cleverly using this technique on the shade of social engineering by sending the malicious Macros through doc file or spreadsheet with an eye-catching subject in t
Microsoft issues Security Patches for Windows 10 and Edge Browser

Microsoft issues Security Patches for Windows 10 and Edge Browser

August 12, 2015Swati Khandelwal
Updated your PCs to Windows 10 ? Now it's time to patch your Windows 10 software. Microsoft has issued its monthly Patch Tuesday by releasing 14 security bulletins , nearly half of it address vulnerabilities in its latest operating system, Windows 10. Four of them are marked critical, affecting Windows, .Net Framework, Microsoft Office, Microsoft Lync, Internet Explorer, Microsoft Silverlight and Edge Browser . Yes, the critical update includes even Edge browser – Microsoft's newest and supposedly super-secure web browser. Windows users are advised to patch their system as soon as possible because the security flaws can be remotely exploited to execute malicious code on vulnerable systems, allowing hackers to install malware and take full control of systems. Most Critical Security Updates: MS15-079 – The critical update fixes a total of 10 privately disclosed flaws in Internet Explorer. Most of these flaws allow a hacker to execute malicious code on v
Microsoft Critical Vulnerabilities that You Must Patch Coming Tuesday

Microsoft Critical Vulnerabilities that You Must Patch Coming Tuesday

April 05, 2014Anonymous
On passed Thursday, Microsoft has released an advance advisory alert for upcoming Patch Tuesday which will address Remote Code Execution vulnerabilities in several Microsoft's products. Microsoft came across a limited targeted attacks directed at their Microsoft Word 2010 because of the vulnerability in the older versions of Microsoft Word. This Tuesday Microsoft will release Security Updates to address four major vulnerabilities, out of which two are labeled as critical and remaining two are Important to patch as the flaws are affecting various Microsoft software such as, Microsoft Office suite, Microsoft web apps, Microsoft Windows, Internet Explorer etc. VULNERABILITY THAT YOU  MUST PATCH Google Security Team has reported a critical Remote code execution vulnerability in Microsoft Word 2010 ( CVE-2014-1761 ) which could be exploited by an attacker to execute the malicious code remotely via a specially crafted RTF file , if opened by a user with an affected vers
UK government planning to ditch Microsoft for Open Source alternatives

UK government planning to ditch Microsoft for Open Source alternatives

January 31, 2014Anonymous
Downfall in the monopoly of propriety software like Microsoft and Apple accelerated after the Snowden revelations of NSA spying, where technology giants like Microsoft, Google, Apple are sharing a bed with the NSA. The UK government is again planning to ditch Microsoft for Open Source and Free alternatives. Cabinet Office minister Francis Maude announced yesterday that they are move away from Microsoft Office, towards open source softwares like  OpenOffice & LibreOffice suites, in an effort to drive down costs and foster greater innovation. UK has spent about £200 million in the last three years for Microsoft's ubiquitous software suite, but now this migration will save large revenue of the kingdom, according to The Guardian . The cabinet Office minister said, " We know the best technology and digital ideas often come from small businesses, but too often in the past they were excluded from government work. In the civil service there was a sense that if you hired a
Syrian Electronic Army kept their promise; Microsoft's Office blog hacked

Syrian Electronic Army kept their promise; Microsoft's Office blog hacked

January 21, 2014Mohit Kumar
Yesterday Night Microsoft has faced another targeted attack by the Syrian Electronic Army (SEA), a group supposed to be aligned with Syrian President Bashar al-Assad . The SEA group is popular for its advance phishing attack and using the same technique they also hacked into the Official Twitter account of Microsoft News, Xbox Support, Skype and also defaced the Microsoft, Skype Official Blog pages in the past few weeks. Yesterday, Just after the Microsoft uploaded the newly designed website of it ' Microsoft Office ' blog, the Syrian Electronic Army gang again compromised it successfully. SEA uploaded the hacked blog screenshots on their twitter account, with a defacement article titled " Hacked by the Syrian Electronic Army ", as shown. Before, they also taunted Microsoft that " changing the CMS will not help you if your employees are hacked and they don't know about that ." The Group kept their promise to continue their attacks
Microsoft set to deliver Patches for three Critical flaws, but no patch for Office Zero-day vulnerability

Microsoft set to deliver Patches for three Critical flaws, but no patch for Office Zero-day vulnerability

November 09, 2013Wang Wei
Microsoft has released advanced notification for the November 2013 security updates that are scheduled to be released on November 12, 2013. The company plans to deliver eight security bulletins for Windows 8.1, three of them are rated critical and five are important. But there's no relief in sight for a zero-day vulnerability ( CVE-2013-3906 ) in how Office handles .TIFF graphics files . The bulletins listed in Microsoft's advanced notification as critical are for remote code execution vulnerabilities in Windows operating system and the remaining vulnerabilities listed as important are said to be remote code execution, elevation of privilege, information disclosure and denial of service flaws affecting Windows operating system, as well as Microsoft Office. A malicious zero day attack capable of hijacking your PC via a vulnerability found in Windows, Office, and Lync is being exploited more widely than originally thought. Some new reports of the security resea
CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component

CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component

November 06, 2013Mohit Kumar
Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents. A Zero-day Remote code execution flaw, which has been dubbed CVE-2013-3906 , exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office users running Windows Vista and Windows Server 2008. " The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images ," it said in the post .  Vulnerability was reported to Microsoft by McAfee Labs senior security researcher Haifei Li. A successful infection can give an attacker complete control over a system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Currently the company is only aware of targeted attacks mostly in the Middle East and South Asia, with attackers sending unsuspecting v
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.