Critical Word and Excel vulnerabilities persist, endangering thousands of users worldwide

These exploits prey on less security-savvy users

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

word excel exploit

Microsoft Office is used by millions of users worldwide, but have you wondered how safe Office tools are?

Even though Microsoft is doing its best to keep its users safe, and the company has just released KB5035238 which addresses Group Policy Issues, there are still threats that can affect users.

Three security flaws are still wreaking havoc among Office users

As reported by GBHackers, three common vulnerabilities are still affecting Office users. All these vulnerabilities allow hackers to hide the malware and trick users into opening the infected documents.

According to CheckPoint, in 2023 there were more than 13000 samples that had these vulnerabilities. Regarding the affected file types, these exploits affect DOC(X), XLS(X), and RTF files.

Regarding the most common targets, financial and government institutions are top priorities, however, more than half of attacks are targeting other industries.

The most common exploits are CVE-2017-11882, CVE-2017-0199, and CVE-2018-0802, and they have been used to spread various malware.

These exploits allow hackers to run keyloggers and steal your information, such as online credentials. Some of them can even take screenshots without you knowing.

To trick unsuspected users, these documents will usually have poorly formatted text that you can’t edit unless you enable editing. But as soon you do that, you allow malware to spread.

To stay safe, always practice vigilance and keep your system and applications up to date. Also, don’t open links or attachments from unknown senders, and try to keep aware of the latest threats.

Security breaches can happen, and it seems that Azure cloud accounts were hacked in the latest breach, so stay tuned for more updates and security news.

More about the topics: Microsoft Excel, Microsoft Word, security

User forum

0 messages