Microsoft fixes Word bug used to steal banking info


The vulnerability was made public on Friday, but cyber security firm Proofpoint found that the zero-day was being exploited in an email marketing campaign.

The .hta file enables the attacker to gain full code execution on the victim's machine, bypassing any memory-based mitigation developed by Microsoft. It then proceeds to download further malicious payloads from various "well-known malware families", and subsequently closes the original Word file that was weaponized for the attack.

The zero-day vulnerability affects multiple versions of Microsoft Office, including the most recent edition of Office 2016 running on Windows 10. The attack works by exploiting vulnerabilities in the Windows Object Linking and Embedding (OLE) feature of Microsoft Office. McAfee traced the attacks all the way back to late January.

Microsoft also released additional updates for vulnerabilities in its products overnight, as part of its monthly security updates. "Meanwhile, we encourage customers to practice safe computing habits online, including exercising caution before opening unknown files and not downloading content from untrusted sources to avoid this type of issue," the spokesperson advised. To the user, the HTA file appears as a Microsoft Rich Text document with a .doc extension.
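The extension/content mismatch described above is something a mail gateway or triage script can check. The following is an added example, not code from Microsoft or the vendors quoted here: the names `sniff` and `triage` are hypothetical, the RTF control words come from the RTF specification rather than this article, and the sample bytes are constructed.

```python
import re

# Leading bytes of the container formats a ".doc" attachment may really hold.
MAGIC = {
    b"{\\rtf": "rtf",
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole2",  # legacy binary Word file
    b"PK\x03\x04": "zip",                          # OOXML (.docx) container
}
# RTF control words for linked OLE objects and update-on-open.
LINK_WORDS = re.compile(rb"\\(objautlink|objlink|objupdate)(?![a-z])")
# Markers of HTML Application (HTA) or script content.
SCRIPT_MARKERS = re.compile(rb"<\s*(script|hta:application)\b", re.I)


def sniff(data: bytes) -> str:
    """Classify content by magic bytes, ignoring the file name."""
    head = data.lstrip()[:8]
    for magic, kind in MAGIC.items():
        if head.startswith(magic):
            return kind
    return "unknown"


def triage(filename: str, data: bytes) -> list:
    """Return findings for one attachment; findings are leads, not verdicts."""
    findings = []
    kind = sniff(data)
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext == "doc" and kind == "rtf":
        findings.append("rtf-content-with-doc-extension")
    if kind == "rtf":
        words = sorted({m.group(1).decode() for m in LINK_WORDS.finditer(data)})
        if words:
            findings.append("rtf-linked-ole-object:" + ",".join(words))
    if SCRIPT_MARKERS.search(data):
        findings.append("script-or-hta-markup")
    return findings


# Constructed samples (not taken from any real campaign).
BENIGN_DOCX = b"PK\x03\x04" + b"\x00" * 16
LINKED_RTF = rb"{\rtf1\ansi{\object\objautlink\objupdate{\*\objclass Word.Document.8}}}"
HTA_AS_RTF = b"{\\rtf1 filler}\n<script language=\"VBScript\">' placeholder</script>"

if __name__ == "__main__":
    for name, blob in [("a.docx", BENIGN_DOCX), ("b.doc", LINKED_RTF), ("c.doc", HTA_AS_RTF)]:
        print(name, triage(name, blob))
```

RTF control words can be obfuscated, so an empty result does not clear a file; applying the vendor patch remains the fix.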




Multiple reports over the past few days have highlighted a serious security flaw in Microsoft Word which allows hackers to steal banking info.

Proofpoint researchers claim that the vulnerability is now being exploited in malicious documents delivered by email to millions of PC users across different organizations, primarily based in Australia. "Because of the widespread effectiveness and rapid weaponisation of this recent 0-day vulnerability, it is critical that users and organisations apply today's Microsoft patch as soon as possible", he says. "New, exploitable vulnerabilities are often not readily available but, in this case, attackers obviously jumped at an opportunity to launch a large campaign". Since then, fellow cybersecurity firm FireEye published another blog post about the same vulnerability, saying it had been withholding disclosure until Microsoft had a chance to fix the glitch. This is mainly because, according to McAfee, the malware cannot bypass that Microsoft Office feature.

Phishing emails which claim to be from reputable financial organisations contain hidden software - created to exploit a newly discovered flaw in Microsoft Word.
