Computer viruses and malware are very common nowadays, especially for anyone who uses a Windows operating system. This is why the market is now teeming with anti-virus and anti-malware products that promise to protect users from malicious apps that may try to harm their computers. Unfortunately, no single anti-malware product can cover everything at once. A case in point is the newly discovered zero-day vulnerability in the Microsoft Office application.
According to researchers from McAfee, a zero-day exploit was discovered in the wild recently. This bug is quite serious as it can give the attacker system-wide control. This is done by exploiting vulnerabilities in the Windows Object Linking and Embedding (OLE) feature of Microsoft Office.
The malware is delivered through a dummy Word file that is sent via email or downloaded from a website. Once the file is opened, the code within connects to a remote server to download another file, this time a “.hta” file, which is an executable HTML file. After the download is finished, the file runs without any user intervention and opens up the infected machine to any form of control.
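The chain described above leaves a trace defenders can look for: an HTA execution on a host shortly after Word opens a document. The following is an added example, not code from McAfee or from the original article; it correlates constructed process-creation events by host and time rather than by parent process, since the HTA host is not assumed to be a direct child of Word. The event fields, the 60-second window and the sample records are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed process-creation events (host, time, image, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("ws01", "2024-01-15T09:00:00", "WINWORD.EXE", r'WINWORD.EXE /n "C:\Users\a\Downloads\invoice.doc"'),
    ("ws01", "2024-01-15T09:00:07", "mshta.exe", "mshta.exe -Embedding"),
    ("ws02", "2024-01-15T09:05:00", "WINWORD.EXE", r'WINWORD.EXE /n "C:\Users\b\report.docx"'),
    ("ws02", "2024-01-15T09:30:00", "mshta.exe", r'mshta.exe "C:\Tools\inventory.hta"'),
    ("ws03", "2024-01-15T10:00:00", "mshta.exe", r'mshta.exe "C:\Tools\inventory.hta"'),
]

OFFICE_IMAGES = {"winword.exe"}
HTA_HOST = "mshta.exe"            # Windows program that runs .hta files
WINDOW = timedelta(seconds=60)    # assumed correlation window


def is_hta_execution(image, cmdline):
    """True when the event is the HTA host starting or a command line naming a .hta file."""
    return image.lower() == HTA_HOST or ".hta" in cmdline.lower()


def find_hta_after_word(events, window=WINDOW):
    """Return alerts for HTA executions within `window` of a Word start on the same host."""
    last_word = {}  # host -> (start time, command line) of the most recent Word launch
    alerts = []
    for host, ts, image, cmdline in sorted(events, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        if image.lower() in OFFICE_IMAGES:
            last_word[host] = (when, cmdline)
        elif is_hta_execution(image, cmdline) and host in last_word:
            word_time, word_cmd = last_word[host]
            if when - word_time <= window:
                alerts.append({
                    "host": host,
                    "time": ts,
                    "delay_s": int((when - word_time).total_seconds()),
                    "document": word_cmd,
                    "hta": cmdline,
                })
    return alerts


if __name__ == "__main__":
    for alert in find_hta_after_word(SAMPLE_EVENTS):
        print(alert)
```

The administrative HTA runs on ws02 and ws03 are not flagged, because no Word launch precedes them within the window.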
Infected systems run the risk of exposing user credentials like bank accounts and email usernames and passwords. Not only that, since the control is system-wide, the culprit can even erase or format the computer’s hard drive if they wish to. It can also be turned into ransomware, where users are extorted for money in exchange for unlocking their computers.
As a precaution, users are advised to be wary of any file received or downloaded from untrusted sites. Also, users are urged to activate or enable Microsoft Office’s Protected View. This is mainly because, according to McAfee, the malware cannot bypass the said Microsoft Office feature.
The worst part of the vulnerability is the fact that, at the moment, the exploit is still unpatched. However, the guys at McAfee were good enough to alert Microsoft about it. Microsoft is yet to release an official update for the said vulnerability. That is why users are urged to exercise extreme caution.