New Zero-day exploit uses Word to hack your PC


There was a time when Word documents were the main vector of infections on PCs, due to the ease of creating Macro viruses and the power of the macro language Microsoft used.

That was, however, a very long time ago, and Microsoft has beefed up security in their Office suite quite a bit since then.

That’s about to change, however, as a new Word-based virus is doing the rounds, with no patch currently available.

Security researchers FireEye has revealed a new vulnerability in Word based on Windows Object Linking and Embedding (OLE), and which is currently doing the rounds in the wild.

The virus arrives by email, which when opened activates exploit code in the document which connects to an attacker-controlled server and then downloads a malicious HTML application file that’s disguised to look like a document created in Microsoft’s Rich Text Format. Once running the .hta file downloads additional payloads from different well-known malware families and then pops up a real word document to hide its activities.

The attack works on fully patched PCs and the only mitigation is not to download or open suspicious word files or only view them in Protected View, which does, in fact, protect users on this occasion. Disabling Macros does not offer any protection.

The new malware was discovered some weeks ago and FireEye has notified Microsoft of its existence, but a patch is not ready to be released yet.

Read more about the issue at FireEye here.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Create a website or blog at

Up ↑

%d bloggers like this: