Security News > 2017 > April > MS Office zero-day exploited in attacks – no enabling of macros required! (Help Net Security)
2017-04-10 12:55
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched Windows 10 machine. Even worse: targets do not have to anything except run a malicious file in order to get compromised, as the exploit doesn’t require them to enable macros or do anything else. The vulnerability The existence of the flaw was revealed … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yjH8tczxxlQ/
Related news
- Google fixes Android kernel zero-day exploited in targeted attacks (source)
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days (source)
- 18-year-old security flaw in Firefox and Chrome exploited in attacks (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited (source)
- Versa fixes Director zero-day vulnerability exploited in attacks (source)