
Word 2012 nasty bug still remains a good tool for attackers


July 5, 2016

What is most likely one of the most exploited, and still unchallenged, Microsoft Office vulnerabilities of the last ten years was found and patched more than four years ago.

Yet, Sophos threat researcher Graham Chantry says the longevity of the nasty bug affecting Office 2003, 2007 and 2010 is thanks to its constant adaptation by exploit kit authors, and a pervasive unwillingness to patch that security flaw.

So remarkably 'loosey-goosey' are some legitimate users and organizations that they are running behind even the pirates offering black-market copies of the latest 2016 version of Office.

Those pirates have all but abandoned torrents seeding the exposed old versions. "It is somewhat a modern day embodiment of Charles Darwin’s On the Origin of Species," Chantry says in an analysis.

"While it's not that unusual for a certain security vulnerability to be favored over others, it is rare for one to do so consistently and for such a long period of time," he adds.

"Realistically, until Office exploit flaws cut their ties with it, it seems very unlikely that we will see them back of anytime soon," he asserted.

Attackers are simply exploiting the security hole, typically in rich text format, rather than through the mass spamming events which characterised its earlier use.

Prominent threat campaigns include the well-known Red October, FakeM, and Rotten Tomato exploits.

Chantry says it is remarkable that the arbitrary code execution flaw is still common enough for exploit writers to corrupt computers by way of shoddy Microsoft Word installations.

Attackers have found a few ways to conceal the exploit: in Word and Excel encryption features, in rich text format, and in intermixed binary data, which was the stealthiest of the mechanisms.

Those, however, were only four of literally thousands of different obfuscation tricks black hats had used to exploit the old security flaw.

It is not the oldest bug still in use (a nod must go to the rich text format hole CVE-2010-3333), but it still has enough life left in it to remain a valid tool for attackers, and that is what users need to take care of.

Source: Sophos Internet Security.



Copyright © Internet Security.ca