Zero-day cyber attacks are one of the most severe digital issues. They are called this way as the victims are not aware of the threat. There is no news from which they can learn about the latest technique employed in the new type of attacks. This is why they have zero days at their disposal to take the necessary steps against cyber bullies. As of recently, word documents have become the means to new security issues. The new technique makes use of the vulnerabilities found in Windows Object Linking and Embedding or OLE.
All Word Documents Are Exposed to the New Threat
The new malicious technique is supposed to take over even the computers that enjoy unlimited protection from anti-virus programs. There is no intel yet of any version of Word documents that is powerful enough to withstand this threat. Moreover, Windows 10 has not yet mentioned any solution against a possible attack on its users. This type of zero-day threat works on embedding a document with a code that summons malware from a remote server. Different techniques cover the tracks.
McAfee and FireEye are the two security organizations that found signs of the cyber attacks over the weekend. They caught sight of suspicious activity from different Word documents. They were created as RTF files, yet with the extension name .doc. The security breach is effective with all versions of Microsoft Office. The latest 2016 version that runs on Windows 10 makes no exception.
Users Can Safely Preview an Infected Document with Protecting View
The earliest signs of the presence of such malware were recorded back in January 2017. Through the RTF files, the exploit gains a connection to the computer, and it starts downloading a file with HTML code. The file is afterward executed as a .hta file. As this type of document is entirely executable, the attacker manages to gain full execution on the PC. Once active, this bugs render the cyber thieves the protocol to ignore all Microsoft mitigations.
The malicious document enters one’s system by means of e-mail usually. Thus, users should be careful about what files they open, even though they are sent via trusted persons. However, McAfee statement mentioned that the virus gains no power when users preview the file with Protecting View. Nonetheless, it is not certain if Enhanced Mitigation Experience Toolkit is as effective.
Image source: 1