New Attack Discovered on Monday

A zero-day attack affecting Microsoft Word as just been detected.

a zero-day attack is a type of attack that might have been used for a while, unknown to users. Zero day indicates that it has just been discovered, and that the security industry is furiously trying to write a patch to stop it from being used. Expect a Microsoft update soon.

How does the attack work?

Microsoft word 2003 to 2013 are all vulnerable. Text file with the extension .rtf can be modified to corrupt the system memory in a way that some code is executed. When a user opens the file in Microsoft Word (default setting in Windows), or previews an malicious .rtf file in Outlook, an attacker can gain the same privileges as the user, and this can lead to a remote takeover of the PC.

How can you protect your system from this attack?

3 easy ways come to mind:

  1. Stop using MSWord by default to open the .rtf file. To do that , right click on a .rtf file, select open with then Choose default program. Select WordPad, then tick Always use the selected program to open this kind of file.
  2. Ignore emails coming from people you do not know; links in them can point towards infected site, and if there are file attached, they are likely to be malicious. In this case, even previewing the file is enough to trigger the attack.
  3. Do not use MSWord if you can. (Libre office is good.)

Let us know if you can think about another way of keeping the computer safe until the patch is issued.

The detailed technical information about this attack are described by Microsoft on their site.

Comments are closed.