Help on the way to cure zero-day vulnerability discovered in Microsoft’s flagship title.
If you’re a Windows fan, take note: a security flaw in Word has been announced, one that apparently affects every single version of the software. The new zero-day vulnerability has been discovered in the Microsoft flagship title, one that may allow malware to infect users’ computers with little to no effort, even on the part of the users.
Cybersecurity firm Proofpoint announced that this past weekend was a busy one for hackers, as multiple reports were made of a massive email campaign that distributed Dridex malware, the same bug that’s believed to be responsible for more than £20 million in theft from bank accounts across the UK. Although the weekend’s campaigns targeted organizations largely scattered across Australia, other mailings ended up in different markets; recipients may also have unintentionally spread the attack via email.
Macro-based attacks sent as email attachments have been on the rise, largely due to the fact that a new crop of younger adult tech users aren’t as familiar with the warnings against it. This campaign relied on Word-based RTF attachments which users opened and installed; the subject line for these emails typical contained the words “Scan Data,” and were sent from a variety of custom domains. However, further modes of attack didn’t require any action on the part of the recipient.
Vulnerable system fully exploited
According to Proofpoint, “When recipients open the document, the exploit – if successful – is used to carry out a series of actions that lead to the installation of Dridex botnet ID 7500 on the user’s system. During our testing (for example on Office 2010) the vulnerable system was fully exploited despite the fact that users were presented a dialog about the document containing ‘links that may refer to other files’ (user interaction was not required).”
Patch on its way
Information on Microsoft’s patch for this vulnerability, as well as download instructions, can be found here. And according to a tweet by Bitdefender, a patch is expected to be available from Microsoft on April 18th