Security News
Microsoft has released Office 2024 for small businesses and consumers who want a standalone version without a Microsoft 365 subscription. [...]
After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. [...]
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. The malware delivered to users includes remote access trojans, cryptocurrency miners, malware downloaders, proxy tools, and anti-AV programs.
Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on...
A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users. Office LTSC 2024 for commercial preview, Visio 2024 preview, and Project 2024 preview.
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the...
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. In today's Microsoft August Patch Tuesday, the update helps fix CVE-2023-36884, a security issue disclosed in July, which Microsoft did not patch at the time but provided mitigation advice.
The main executable for the Microsoft Publisher application has already been confirmed that it can download payloads from a remote server. According to recent research, even executables that are not signed by Microsoft serve purposes that are useful in attacks, such as reconnaissance.
Office Open XML Signatures, an Ecma/ISO standard used in Microsoft Office applications and open source OnlyOffice, have several security flaws and can be easily spoofed. Microsoft refers to the format simply as Open XML. The boffins say they found discrepancies in the structure of office documents and the way signatures get verified.
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. The cyber incident prompted the Capita on March 31 to announce an IT issue that impacted its internal systems.