Be Careful Of This Malicious Microsoft Office Zero Day Attack
Be Careful Of This Malicious Microsoft Office Zero Day Attack
Zero-day Word exploit allows computers to be infected via e-mail attachments
13 April, 2017, 02:27
It has been revealed by researchers that a critical Microsoft Office zero-day attack has been targeting Word users since late January.
The.hta executable bypasses memory-based mitigations put into place by Microsoft and gives attackers the ability to execute arbitrary code on the victim's system, McAfeesaid.
Victims are drawn in by opening compromised Word documents sent to them via email that are loaded with the Dridex banking trojan, according to the blog. He said the Microsoft patch should automatically update tomorrow on computers running Windows versions 7, 8 and 10. According to the report, the vulnerability lies in the Windows Object Linking and Embedding (OLE) feature in office.
Allen said, because the security company tended to see vulnerabilities that were being actively exploited by hackers in the wild, vendors tended to be very responsive.
The new vulnerability bug of Microsoft said to be a risky malware attack, according to McAfee anti-virus company.
Microsoft also released additional updates for vulnerabilities in its products overnight, as part of its monthly security updates.
Eurozone's industrial production falls in February
In the consumer-durable segment, the output dipped by 0.9% in February against a growth of 10.4% in same month previous year . On the other hand, factory output for February showed a 1.2 percent decline, after the 2.7 percent increase in January.
"Meanwhile, we encourage customers to practice safe computing habits online", a Microsoft spokesperson said in a statement, "including exercising caution before opening unknown files and not downloading content from untrusted sources to avoid this type of issue".
The document that triggers the OLE2Link vulnerability is an RTF document that masquerades as a Microsoft Word DOC file. This is the first campaign we have observed that leverages the newly disclosed Microsoft zero-day.
The malware can be disguised as important files or documents sent over email, meaning a student's homework or an office presentation could be harboring the next attack. The flaw allowed malicious Word files to contain code that would download malware while popping up a fake document to the user.
The attack was capable of bypassing numerous mitigation systems built into Microsoft Office and Windows created to stop malicious files from executing.
McAfeefound that Microsoft's Office Protect View sandbox will prevent the attack from working. Proofpoint also disclosed that the malware was called Dridex, a risky banking malware that exploits Microsoft Office and once the computer is infected, it steals banking information of the user.
And 32 percent of Americans said the ad made them more likely to buy Pepsi products, versus 20 percent who were less likely. Even Martin Luther King, Jr.'s daughter lambasted the soft-drink company for the ad.
Monday's ceremony included a saxophonist playing "Amazing Grace" and several of Ventura's teammates laying a banner on the mound. After Cain's single, the Royals did not get another hit until Raul Mondesi's sixth-inning leadoff single.
Rising protection could also pose significant risks to the global supply chain of USA companies, in which China plays a key role. However, Pyongyang's response suggested the reclusive state was determined to continue with its nuclear weapons programme.
Akzo rejected a pair of offers handed in by PPG, but a number of shareholders, including Elliott are in favor of the bid. It wasn't clear if Elliott's move would succeed even if the hedge fund could muster enough votes.
Trump has yet to spell out a strategy for what his advisers called a trade relationship based on "the principle of reciprocity". At the end of the summit Friday, Xi departed Florida for a more northern vista, landing in Alaska and requesting time with Gov.
Please bookmark 1redDrop.comto keep tabs on the hottest, most happening tech and business news from around the world. Clips lets users create multi-clip videos on iPhone or iPad without timelines, tracks or complicated editing tools.
Original post: United Airlines is the latest US company trying to boldly prove there's no such thing as bad publicity. After the man refused, United called security, who made a decision to get the man off the plane the hard way.
Ahmadinejad's firebrand style could prove appealing for hard-liners seeking a tough-talking candidate who can stand up to U.S. The council normally does not approve dissidents or women for the formal candidate list.
New Jersey's $2.34 is up 50.3 cents from past year . "Part of that is due to. refinery issues pushing prices higher". Rochesterians will pay more at the gas pump if they plan to travel this holiday weekend, industry experts say.
Bill to Ban Gay Marriage Introduced in North Carolina
The bill would order state government to return to amendment one, a constitutional amendment approved in a 2012 voter referendum. Having lost hundreds of millions of dollars in revenue due to the discriminatory nature of HB2, HB 780 isn't expected to pass.
Pearl Mackie wants to star in Bond movie
Since 1966, the conceit that the Doctor can shape-shift into a new body and personality has been built into the show's DNA. Fern Britton was left embarrassed on The One Show after its revealed she hates Doctor Who - in front of Pearl Mackie .
Equity in Focus: Vornado Realty Trust (NYSE:VNO)
Following U.S. election volatility some analysts have updated their recommended target prices on shares of QTS Realty Trust , Inc. The real estate investment trust reported $0.11 EPS for the quarter, missing the Zacks' consensus estimate of $0.41 by $0.30.
Palestinian force deploys in Lebanon camp, ending clashes
Lebanon's army does not enter Palestinian refugee camps, where security is managed by joint committees of Palestinian factions. Gunfire and explosions were heard on Sunday night, but Lebanese media said the camp appeared calm on Monday.
Markey to Trump: Negotiate with Kim Jong Un
USA security concerns with China also focus on Beijing's expansive territorial claims in the strategic South China Sea. Beijing is building and fortifying islands in pursuit of expansive territorial claims in the strategic waterway.
Rose sees late lead slip away at Augusta National
Garcia, though, added another when it mattered in the play-off. "It was so freaky that I didn't feel one nerve". He made a birdie on No. 14, and on the par-5 15th, he almost dropped his 8-iron directly into the cup.
North Korea Calls US Strikes on Syria 'Unforgivable'
Following the Syria bombing - a North Korean ally - Kim threatened to reduce the United States "to ashes" in retaliation. Trump also pressed forward with his rhetoric that the United States has been "treated unfairly" on the trade front.
Amb. Nikki Haley: We don't see peace in Syria with Assad
Discussing the round of missile strikes, Mr Johnson told The Sun newspaper: "Crucially - they could do so again". Rouhani said "neutral countries should come and assess to make it clear where the chemical weapons came from".
LeEco's $2 Billion Vizio Acquisition Attempt is No More
Both LeEco and Vizio have announced that the merger agreement for the former to acquire the latter will not proceed. By many measures, the quickly growing company appeared poised to becomes a global consumer electronics powerhouse.