Microsoft has advised that they are working on investigating a vulnerability in Word for Windows and Mac which allows attackers to gain access to a user’s home computer.
“In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources,” advised Microsoft.
The way it works is that the attacker (the bad guy) either sends a Word file in email, or gets someone to visit a website hosting the malicious Word file and gets them to download it.
Once the malicious Word file is on the user’s computer, it takes advantage of the flaw in Microsoft Word, allowing the attacker access to the user’s computer.
Microsoft says that all of the following versions of Word are at risk: Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
The best way to avoid having your computer compromised in this way is to use extreme caution in opening any file sent to you by anybody. If you aren’t expecting the file, don’t open it unless and until you first ask the sender whether they in fact sent it.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
Typical lack of information : what exactly does the attacker do on a Macintosh computer ? Run a macro ? Macros can’t reach the protected levels of Mac OS X, so how could this flaw affect Mac security.
Can we have some more information, please ?