FireEye confirmed that its researchers had shared details of the vulnerability with Microsoft and had been working with the tech giant for several weeks in request for public disclosure along with the release of a patch by the company.
Microsoft also released additional updates for vulnerabilities in its products overnight, as part of its monthly security updates.
In the meantime, users should be wary of documents received from untrusted sources and should enable the Office Protected View mode because it can block this attack.
Ski industry sees another big consolidation with Aspen deal
Canadian Mountain Holidays, the largest heliskiing operation on Earth, will be acquired by the Aspen Skiing Co. and KSL, too. The deal is subject to regulatory approval; Intrawest says it expects to close the deal by the third quarter of this year.
When contacted by eWEEK's Sean Michael Kerner, a Microsoft spokesperson said a patch was set to arrive on April 11. To the user, the HTA file appears as a Microsoft Rich text document with a.doc extension.
Two cybersecurity firms have uncovered vulnerabilities in Microsoft Office files that have allowed hackers to install malware through Word documents.
As per our previous coverage, it was known that the vulnerability was being actively exploited by at least three separate attackers. In a blog post, the anti-virus company also said that the unsafe malware attack is possible due to Microsoft's OLE (Object, Linking, and Embedding) technology, TNW has reported.
The emails use spoofed email domains and attachments that pretend they are scanned documents to lure users into opening them.
The attack bypasses most exploit mitigation measures, including those contained in Windows 10, Microsoft's most secure operating system. Proofpoint also disclosed that the malware was called Dridex, a unsafe banking malware that exploits Microsoft Office and once the computer is infected, it steals banking information of the user. Once the user has opened the files, their PC will automatically download contained HTM application that enables criminals to have a full access on the user's machine.
"According to our tests, this active attack can not bypass the Office Protected View, so we suggest everyone ensure that Office Protected View is enabled".
- During border visit, AG Sessions outlines immigration plan
- Man who killed wife at California school called her 'angel'
- Google blocks invasive Burger King ad
- AIMPLB vice-president's statement on triple talaq his 'personal view': Muslim cleric
- GOP owns health care dilemma now, and voter skepticism
- Kante admits to choosing Chelsea over Arsenal
- Rose, Garcia Tied for Lead at Masters in Prelude to Finale
- Easter quirk holds back March inflation rate
- BlackBerry awarded $815 million over royalties dispute with Qualcomm
- Taiwan bans sale, consumption of dog and cat meat