Another day, another threat to the security of Windows computers. It might not quite be a daily occurrence, but it sure seems that way lately. If you haven’t heard, the latest attack takes advantage of a security vulnerability that exists (existed if you believe Microsoft) in all versions of Microsoft Word. Microsoft released an update to plug that hole on April 11th, but it bears watching to ensure that the patch worked as intended. We’ll explain what to look for, what the threat actually is, and how you can protect yourself in today’s blog post.
The threat against Word users is what’s known as a zero-day vulnerability. What exactly is a zero-day vulnerability? I’ll defer to Wikipedia: “An undisclosed computer-software vulnerability that hackers can exploit to adversely affect computer programs, data, additional computers or a network. It is known as a ‘zero-day’ because it is not publicly reported or announced before becoming active, leaving the software’s author with zero days in which to create patches or advise workarounds to mitigate its actions.” So, the hackers try to beat the vendor to the punch and exploit a weakness in the software before it can be patched. When you consider that more than 1.2 billion people in 140 countries around the world use Microsoft Office on their computers, the damage that can be done is immeasurable, and Office is the perfect target for cybercriminals.
As is so often the case, the malware is introduced to your computer through an e-mail attachment. The attachment is seemingly a Word document, but when it’s opened, all of hell’s fury is unleashed. Well, maybe not all of hell’s fury, but close. What happens is that the exploit software is hidden inside the Word document. When the user opens this attachment, a request is sent via the Internet to a remote server that is controlled by hackers. A file is then sent from the hackers’ server to the computer that opened the attachment, granting the criminals full access to install whatever type of malware they wish onto the computer. I should add that all of this is done without the computer user’s knowledge – they simply got the ball rolling by opening the “document” in the e-mail message. As mentioned earlier, all versions of Microsoft Word are affected, including Office 2016 on Windows 10.
So, now that we know what we’re up against, how can we protect ourselves? First and foremost, always make sure your computer is up-to-date with all Windows Updates. Microsoft released a patch to hopefully eradicate this problem on April 11th, so be sure to install any Updates that have become available since that date. Though it probably wouldn’t have helped in this case, it’s always a good idea to have an active anti-virus program on your computer at all times. Perhaps your best defense against this type of attack is the one that I preach constantly: ALWAYS use common sense when opening e-mails. If you receive an e-mail with only a link in the message body, don’t click on it. If an e-mail comes with an attachment from someone you don’t know, don’t click on it. If an e-mail arrives in your inbox with a friend or colleague’s name in the “From” field, but what’s written in the message doesn’t seem to be written in their “voice”, don’t click on any links or attachments in that e-mail. Also, you can always hover your mouse (don’t click) over the sender’s name to display their e-mail address before opening an e-mail.
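For readers who filter mail for a family or a small office, here are the same three checks written as a short Python script. This is an example added here, not part of any mail program or Microsoft tool; the address book, the flag names and the sample messages are all made up for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Hypothetical address book: display name -> the address you already know.
KNOWN_CONTACTS = {"Dana Reyes": "dana.reyes@example.com"}
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)

def triage(raw_message, contacts=KNOWN_CONTACTS):
    """Return the warning flags (names chosen for this example) for one raw e-mail."""
    msg = message_from_string(raw_message, policy=policy.default)
    name, address = parseaddr(str(msg["From"] or ""))
    address = address.lower()
    known_addresses = {a.lower() for a in contacts.values()}
    flags = []

    # A familiar name on an unfamiliar address: what hovering over the sender reveals.
    expected = contacts.get(name)
    if expected and expected.lower() != address:
        flags.append("display-name-mismatch")

    # An attachment from someone who is not in the address book.
    if address not in known_addresses and any(msg.iter_attachments()):
        flags.append("attachment-from-unknown-sender")

    # A message body that contains nothing but a link.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().strip() if body else ""
    if text and URL_RE.sub("", text).strip() == "":
        flags.append("link-only-body")
    return flags

def build_sample(sender, body, attachment=None):
    """Build a constructed sample message (test data, not a real e-mail)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "me@example.com", "Invoice"
    m.set_content(body)
    if attachment:
        m.add_attachment(b"constructed bytes", maintype="application",
                         subtype="msword", filename=attachment)
    return m.as_string()

if __name__ == "__main__":
    spoof = build_sample("Dana Reyes <d.reyes@mail.example.net>",
                         "http://files.example.net/invoice", "invoice.doc")
    print(triage(spoof))
```

A message that raises no flags is not proven safe; the script only automates the checks you would otherwise make by eye.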
While cyber threats are scary, if you’re proactive about your security and use good judgment, you’ll be just fine. The best defense always begins at home.