Microsoft Office Vulnerability Fix

From True North Networks

WARNING – There is currently an aggressive attack campaign underway against a previously undisclosed vulnerability in Microsoft Word, which can be used to quietly install different kinds of malware — even on fully-patched computers. The bug can be exploited on all versions of Microsoft Office, including the latest Office 2016 version running on Windows 10.

The vulnerability cannot bypass the Office Protected View, which should be turned on by default. You can verify those settings using the following steps:

Step 1: Start Word, click File and then choose Options

Step 2: Click Trust Center and then Trust Center Settings

Step 3: Click Protected View, all three of the options listed there should be checked

Step 4: Click OK and you’re done!

Unlike most document-related vulnerabilities, this zero-day bug doesn’t rely on macros (macros use built in code to execute pre-scripted command actions) — in which Office typically warns users of risks when opening macro-enabled files. There is currently no patch for this bug, but Microsoft is expected to release a fix with its next round of security updates. Once released, you will receive the patch within your regularly scheduled patch window. In the meantime, be extra cautious when opening Microsoft Word attachments.


This entry was posted in Uncategorized and tagged . Bookmark the permalink.

2 Responses to Microsoft Office Vulnerability Fix

  1. Brian Sells says:

    Is there a way to due the same check for Word for Mac?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s