Security News > 2017 > April > MS Office zero-day exploited in attacks – no enabling of macros required! (Help Net Security)

2017-04-10 12:55
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched Windows 10 machine. Even worse: targets do not have to anything except run a malicious file in order to get compromised, as the exploit doesn’t require them to enable macros or do anything else. The vulnerability The existence of the flaw was revealed … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yjH8tczxxlQ/
Related news
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner (source)