Security News > 2021 > September > New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents
2021-09-07 21:55

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.

"Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," the company said.

"An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights," it added.

EXPMON, in a tweet, noted it they found the vulnerability after detecting a "Highly sophisticated zero-day attack" aimed at Microsoft Office users, adding it passed on its findings to Microsoft on Sunday.

It's worth noting that the current attack can be suppressed if Microsoft Office is run with default configurations, wherein documents downloaded from the web are opened in Protected View or Application Guard for Office, which is designed to prevent untrusted files from accessing trusted resources in the compromised system.

Microsoft, upon completion of the investigation, is expected to either release a security update as part of its Patch Tuesday monthly release cycle or issue an out-of-band patch "Depending on customer needs." In the interim, the Windows maker is urging users and organizations to disable all ActiveX controls in Internet Explorer to mitigate any potential attack.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/8XfTlHB1Kh8/new-0-day-attack-targeting-windows.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 708 787 4587 4647 3639 13660