This Microsoft Word bug can bypass your antimalware protection

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

Home » News » This Microsoft Word bug can bypass your antimalware protection

It seems that MS Office is currently under the spotlight but not for something the company is proud of. There is a critical bug affecting Microsoft Office that literally makes malicious codes undetectable by antimalware solutions.

This security vulnerability was discovered by a security vendor, Mimecast in a report released on Tuesday. For the time being, it seems that Microsoft has no plans to work on a bug fix. 

Modus Operandi

The vulnerability actually exists in the way how MS Word handles the Integer Overflow bugs in OLE file format.

The security firm has identified the fact that a group of Serbian attackers are actively hitting the targetted PCs.

You might be wondering how they are able to bypass the existing security firewalls. They are taking advantage of the OLE vulnerability in the MS Office‘s Equation Editor component in order to exploit MS Word documents.

However, Mimecast found out that  hackers were able to gain complete control over the systems through the JACKSBOT malware.

The vendor further states what the malware can do to your systems. Surprisingly, it can create files and/or folders, execute/end programs and visit URLs and run Shell commands

— RELATED: 6 best antivirus tools with unlimited validity [2019 List]

The Equation Editor bug that allows the attackers to have remote administration control the target PC, was initially discovered in November 2017. Although it was patched in the same year, the unpatched systems are still being targeted. 

The code execution or memory corruption is not caused by just the overflow. Hence currently, Microsoft is not planning for a security fix. 

How to secure your systems

Even though the bug was identified and reported back in 2017, most of the system have yet not installed the patch.  Large enterprises and organizations can protect their systems by installing the Equation Editor bug patch. That is the only way you can stop an attack. 

The complete report discusses in detail the technicalities of the exploits.



Next up

Here’s how to permanently fix Taskhost.exe high CPU usage

John Waibochi avatar. By: John Waibochi
5 minute read

Taskhost.exe is a process that hosts various Windows processes running from a dynamic link library instead of the conventional .exes (executable files). You see, libraries (.dlls) […]

Continue Reading

MsConfig in Windows 8, Windows 10: How to Access it

John Nedelcu By: John Nedelcu
3 minute read

Using the good ol’ msconfig in Windows 10, Windows 8 is very, very simple; read our basic advice to learn how easy it is to […]

Continue Reading

5 best DVD copy protection software to install in 2019

Costea Lestoc By: Costea Lestoc
6 minute read

DVD copy protection is a broad term that covers various methods of copy protection for DVDs. These methods include DRM, CD/DVD-checks, Dummy Files, over-sizing and […]

Continue Reading