A security hole in Microsoft Word – yes, you read that right, MS Word – allows attackers to infiltrate your computer through email, according to online security companies Symantec, F-Secure and Sophos, and the Internet Storm Center (ISC).
The trojan which takes advantage of the hole in Word is being called Ginwui.A (also Oscor-B, W32/Ginwui.A.dr, Backdoor.Ginwui, and W32/Ginwui.A).
How’s that work, then, you may wonder.
According to Symantec, “The attacks use Word document attachments in e-mail messages to trigger the security hole and run code that gives attackers control over vulnerable systems.”
F-Secure’s Mikko Hyppönen, explains that “We have seen malicious Word documents using similar or the same vulnerability in the past, but they have only worked on Chinese language versions of Word…This new version works on English language versions of Word, so there is obviously the potential for the attack to have a larger potential audience of victims.”
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
Sophos has also confirmed this trojan, which they call Oscor-B.
As always, the best defense is a good offense, so secure your computer with these 3 simple steps to take back the net.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.