This Microsoft Word bug can bypass your antimalware protection
It seems that MS Office is currently under the spotlight but not for something the company is proud of. There is a critical bug affecting Microsoft Office that literally makes malicious codes undetectable by antimalware solutions.
This security vulnerability was discovered by a security vendor, Mimecast in a report released on Tuesday. For the time being, it seems that Microsoft has no plans to work on a bug fix.
The vulnerability actually exists in the way how MS Word handles the Integer Overflow bugs in OLE file format.
The security firm has identified the fact that a group of Serbian attackers are actively hitting the targetted PCs.
You might be wondering how they are able to bypass the existing security firewalls. They are taking advantage of the OLE vulnerability in the MS Office‘s Equation Editor component in order to exploit MS Word documents.
However, Mimecast found out that hackers were able to gain complete control over the systems through the JACKSBOT malware.
The vendor further states what the malware can do to your systems. Surprisingly, it can create files and/or folders, execute/end programs and visit URLs and run Shell commands.
The Equation Editor bug that allows the attackers to have remote administration control the target PC, was initially discovered in November 2017. Although it was patched in the same year, the unpatched systems are still being targeted.
The code execution or memory corruption is not caused by just the overflow. Hence currently, Microsoft is not planning for a security fix.
How to secure your systems
Even though the bug was identified and reported back in 2017, most of the system have yet not installed the patch. Large enterprises and organizations can protect their systems by installing the Equation Editor bug patch. That is the only way you can stop an attack.
The complete report discusses in detail the technicalities of the exploits.
RELATED ARTICLES YOU NEED TO CHECK OUT:
- Outlook vulnerability allows hackers to steal password hashes
- Chrome vulnerability lets hackers collect user data via PDF files
- Update WinRAR to fix a 19-year-old security vulnerability
Taskhost.exe is a process that hosts various Windows processes running from a dynamic link library instead of the conventional .exes (executable files). You see, libraries (.dlls) […]
Using the good ol’ msconfig in Windows 10, Windows 8 is very, very simple; read our basic advice to learn how easy it is to […]
DVD copy protection is a broad term that covers various methods of copy protection for DVDs. These methods include DRM, CD/DVD-checks, Dummy Files, over-sizing and […]