Word vulnerability exploited to send Dridex malware to millions

Microsoft Word Affected by Critical Office Zero Day Vulnerability Reports McAfee

Microsoft Word Affected by Critical Office Zero Day Vulnerability Reports McAfee

A zero-day code-execution vulnerability in Microsoft Office is one of three critical flaws under active attack in the wild, Microsoft warned Tuesday as it rolled out a batch of updates that plug the security holes.

The.hta file enables the attacker to gain full administrator rights on the victim's machine.

Documents opened with the word processing software may trick users into downloading code that allows cyber criminals to infect their computer and capture banking logins.

Microsoft says it is patching the zero day vulnerability in its ubiquitous Office suite of software applications revealed last week by McAfee. This is done by exploiting vulnerabilities under the Windows Object Linking and Embedding (OLE) feature of Microsoft Office.

The attack can not be activated if people open the documents in Office's protected view, McAfee said.

A security company has found Australians were specifically targeted with malware that exploits a bug in Microsoft Word to steal users' banking details.

There is now no patch for this bug, however, Microsoft is expected to release a fix within its next round of security updates tomorrow. While Microsoft works on a patch, McAfee recommends not opening any Office files obtained from untrusted sources, and also enabling Office Protected View.

South Africa's new finance minister vows 'radical' change
On Saturday, Gigaba promised to transform the South African economy and said he was aware of the lack of trust in the country. But his sacking may now persuade investors and voters that South Africa is heading towards fiscal and political instability.

Microsoft has been quick off the mark to release a patch for the vulnerability, which also affected Office 2016.

Microsoft has said they will patch the flaw today.

The malware can be disguised as important files or documents sent over email, meaning a student's homework or an office presentation could be harboring the next attack.

"The successful exploit closes the bait Word document, and pops up a fake one to show the victim", the McAfee researchers said. This flaw potentially can be exploited by attackers to take complete control of a system running a vulnerable deployment of the framework.

Microsoft is scheduled to release its monthly security updates on Tuesday, but it's not clear if a patch for this vulnerability will be included.

Proofpoint researchers claim that now the vulnerability is being exploited in malicious documents delivered by email to millions of PC users across different organizations, primarily based in Australia. Also, it is vital to ensure Protected View is enabled, as the attack can not bypass the security feature.

From the list, click Open in Protected View. Proofpoint also disclosed that the malware was called Dridex, a unsafe banking malware that exploits Microsoft Office and once the computer is infected, it steals banking information of the user.

Recommended News

  • Intrawest ski resort firm to be sold for $1.5B US

    Intrawest ski resort firm to be sold for $1.5B US

    Goldman, Sachs & Co.is serving as financial advisor to Aspen and KSL and is acting as financial advisor to the new entity. Inc., said the American ski chains are looking north of the border for the same reason as American visitors.
    1 person dead after shooting near mall in South Florida

    1 person dead after shooting near mall in South Florida

    A Coral Gables Police Spokesperson said the scene was secured by 1:45 p.m and officers are now investigating the incident. Two people were airlifted to a hospital, Coral Gables Fire Department Lt.
    Russian Federation  notified U.S.  operation before attack on Syria

    Russian Federation notified U.S. operation before attack on Syria

    Overnight, the President approved the launch of 60 US Tomahawk missiles, which hit the Shayrat air base in south east Homs. The Syrian army and the Russian defense ministry could not immediately be reached for comment.
  • Musa will still play for Leicester, says Shakespeare

    Musa will still play for Leicester, says Shakespeare

    Albrighton scored Leicester's second goal from a free kick in the 10th minute, sending the ball into the top right corner. Who is definitely out for Everton? Wes Morgan is expected to return to defence although he will face a late fitness test.

    Here's what was (apparently) being said between Jose Mourinho and Michael Carrick

    The visitors put the game to bed less than a minute into the second half as Henrikh Mkhitaryan squeezed one past Jordan Pickford. The Argentinian goalkeeper seemed fairly strong in his first Premier League start since joining the club a couple of years past.
    Jay Z Ditches Apple Music and Spotify for Exclusive Streaming on Tidal

    Jay Z Ditches Apple Music and Spotify for Exclusive Streaming on Tidal

    Jay Z is a co-owner of music streaming service Tidal, along with a dozen or so other high profile artists. In response, Apple Music has offered some exclusives of its own, including from R&B singer Frank Ocean.
  • South Carolina children in hospital in bounce house flight

    South Carolina children in hospital in bounce house flight

    Elvis German, who was working nearby, said one house became caught on power lines and was about 20 feet in the air, FOX6 writes. Officials said two inflatables went 25 to 30 feet into the air and it appears that both were anchored.
    Once opposed to intervention, Trump says he can be flexible

    Once opposed to intervention, Trump says he can be flexible

    As a candidate and private citizen, Trump cast Syria's civil war as a quagmire from which the United States should steer clear. We targeted fuel reserves, aircraft, and did not target chemical weapons storages", he said.
    Pak, Chinese, Indian warships rescue bulk carrier from pirates

    Pak, Chinese, Indian warships rescue bulk carrier from pirates

    Nevertheless, the Indian Navy has provided proof of joint rescue operation with Chinese naval force on Monday. The merchant vessel bearing its flag was sailing from Kelang in Malaysia for the Port of Aden.
  • Back from the dead: Obamacare repeal deal near

    Unlike under ObamaCare, the plan would not extend the protections to people who were uninsured and trying to enroll in coverage. And this is - this was a primary commitment that many of us made on the campaign trail - to repeal or replace Obamacare.
    National Football League  investigating Marquette King, Marshawn Lynch for 'violation of gambling policy'

    National Football League investigating Marquette King, Marshawn Lynch for 'violation of gambling policy'

    With the news of the Raiders' eventual move to Vegas, this won't be the only time the NFL's gambling policy is tested. Pittsburgh Steelers linebacker James Harrison and retired running back Marshawn Lynch were billed as team coaches.
    Chelsea tighten grip on EPL title with win over Man City

    Chelsea tighten grip on EPL title with win over Man City

    A fiery encounter saw Chelsea tighten their grip on the title as they secured a 2-1 victory over Pep Guardiola's side. I'm a lucky guy to be here with them. "We created a lot of chances and defended, most of the time , well".

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.