Tweet
Faulty Word Attachments
Microsoft is at the bad end of yet another Zero-Day flaw, bringing the total to five unpatched vulnerabilities in almost 60 days. Security companies of Symantec and Secuna have reported the security hole that could allow attackers control of your system by simply opening an infected MS Word document. The vulnerability has even earned itself a "highly critical" rating, which is the highest level a security threat can get. In other words, this is serious.
The flaw is actively being exposed by attackers who are feverishly attempting to infect as many PCs as possible by sending out spam e-mails that contain infected Word documents. If this specially crafted Word document is opened by a user, it will introduce a Trojan called Trojan.Mdropper.W to the system. It will then install silently in the background, allowing remote control of the infected system.
The attacks are not limited to e-mail attachments either. A user can also be infected by visiting a Web site that opens one of these infected Word documents, resulting in the same remote code execution.
Comment