Skip to main content

Microsoft Word Vulnerability Being Used To Victimize Email Users

By May 6, 2017May 25th, 2021Cybersecurity

Microsoft is taking some heat, thanks to a nasty exploit in Microsoft Word that is being used to install malware on the PCs of unsuspecting users. The exploit was discovered by both McAfee and security firm FireEye, and based on the joint research by both firms, it has been in use since at least January.

It exploits a zero-day vulnerability in the logic of the software relating to OLE (Object Linking and Embedding), which allows documents to embed links and references to objects or other documents.

When malicious documents containing this exploit are opened, they ping an external server and download an HTA file (web server file, like HTAccess), which is disguised as a simple rich text document (RTF).

If the attack is successfully executed, the original Word file is closed, and a fake embedded document is displayed to distract the user. In the background, whatever malware the hackers want installed is being set up on the user’s PC.

There’s no limit to the amount of damage this attack can cause. It’s entirely dependent on what the hackers want to install. Keyloggers, ransomware or anything else they can dream up, and unfortunately, due to the nature of the attack, it’s virtually undetectable.

The two security companies pooled their research and have brought their findings to the attention of Microsoft, which is slated to release a regular security update later this month. At this time, it is not known whether the security update will contain a fix for this particular vulnerability, or if we’ll be seeing a special update that addresses it specifically.

In the meantime, it’s more important than ever to remind your employees not to open any file they receive from an unknown or untrusted source. Even if the source is trusted, a good second step would be to pick up the phone and voice verify that the attachment is legitimate.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.