Tag: MS Office
-
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)
It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 74 CVE-numbered vulnerabilities, including two actively exploited in …
-
Microsoft to boost protection against malicious OneNote documents
Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded …
-
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)
A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially …
-
Your Office Document is at Risk – XLL, A New Attack Vector
Microsoft office documents are used worldwide by both corporates and home-users alike. It’s different office versions, whether licensed …
-
Escanor malware delivered in weaponized Microsoft Office documents
Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) …
-
Microsoft adds default protection against RDP brute-force attacks
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of …
-
Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)
A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents …
-
Windows Autopatch: Managed enterprise patching for Windows and Office
Microsoft has announced Windows Autopatch: a new service that aims make the second Tuesday of every month “just another Tuesday.” About …
-
Political-themed actor using old MS Office flaw to drop multiple RATs
A novel threat actor with unclear motives has been discovered running a crimeware campaign which delivers multiple Windows and Android …
-
New Unpatched 0-Day Actively Attack Windows By Abusing MS Office Documents
Microsoft issued a warning to Windows users that hackers actively exploiting an unpatched remote code execution 0-Day vulnerability in …
-
Years-old MS Office, Word flaws most exploited to deliver malware
29% of malware captured was previously unknown – due to the widespread use of packers and obfuscation techniques by attackers seeking to …
-
Using virtualization to isolate risky applications and other endpoint threats
More and more security professionals are realizing that it’s impossible to fully secure a Windows machine – with all its legacy …
●●●