This Microsoft Word bug can bypass your antimalware protection

by Milan Stanojevic
Milan Stanojevic
Milan Stanojevic
Windows & Software Expert
Milan has been enthusiastic about PCs ever since his childhood days, and this led him to take interest in all PC-related technologies. Before joining WindowsReport, he worked as... read more
Affiliate Disclosure

It seems that MS Office is currently under the spotlight but not for something the company is proud of. There is a critical bug affecting Microsoft Office that literally makes malicious codes undetectable by antimalware solutions.

This security vulnerability was discovered by a security vendor, Mimecast in a report released on Tuesday. For the time being, it seems that Microsoft has no plans to work on a bug fix. 

Modus Operandi

The vulnerability actually exists in the way how MS Word handles the Integer Overflow bugs in OLE file format.

The security firm has identified the fact that a group of Serbian attackers are actively hitting the targetted PCs.

You might be wondering how they are able to bypass the existing security firewalls. They are taking advantage of the OLE vulnerability in the MS Office‘s Equation Editor component in order to exploit MS Word documents.

However, Mimecast found out that  hackers were able to gain complete control over the systems through the JACKSBOT malware.

The vendor further states what the malware can do to your systems. Surprisingly, it can create files and/or folders, execute/end programs and visit URLs and run Shell commands

— RELATED: 6 best antivirus tools with unlimited validity [2019 List]

The Equation Editor bug that allows the attackers to have remote administration control the target PC, was initially discovered in November 2017. Although it was patched in the same year, the unpatched systems are still being targeted. 

The code execution or memory corruption is not caused by just the overflow. Hence currently, Microsoft is not planning for a security fix. 

How to secure your systems

Even though the bug was identified and reported back in 2017, most of the system have yet not installed the patch.  Large enterprises and organizations can protect their systems by installing the Equation Editor bug patch. That is the only way you can stop an attack. 

The complete report discusses in detail the technicalities of the exploits.