ssl security

Caution! release zero-day vulnerability in Microsoft Word

Hackers they managed to do it exploit to a vulnerability discovered in the application Become of Microsoft. Through it you can obtain remote control of systems, according to company warning.

Become

The attack currently being released online comes with trapped rich text (RTF) documents that exploit a vulnerability in the Word 2010 version, according to a caution issued today by the company. Emails that are opened or previewed using a default setting in Outlook allow the attacker to acquire the same privileges on the system as the user who is currently logged in.

"Microsoft is aware of a vulnerability that affects supported versions of Microsoft Word," the company told Security Advisory (2953095). "We are currently aware of limited, targeted attacks on users with Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially edited RTF file using an affected version of Microsoft Word. The same thing can happen if you preview or open a specially created RTF file in an e-mail message in Microsoft Outlook, and use Microsoft Word to view the e-mail. ”

The security bulletin says Drew Hintz, Shane Huntley and Google security team Matty Pellegrino discovered the vulnerability, which has been officially recorded as CVE-2014-1761. Microsoft has issued a temporary solution which modifies Microsoft Office and prevents the opening of RTF files in supported versions of Microsoft Word. Users can also protect themselves from exploit by viewing emails in plain text. Microsoft has, of course, stated that it will issue an update to correct the vulnerability when the research is completed.

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).