Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
News
Security News
Microsoft Office Apps Provide a New Path for Hackers
Message
<blockquote data-quote="lokamoka820" data-source="post: 1096846" data-attributes="member: 108773"><p>Microsoft has disclosed a zero-day "max severity" vulnerability that impacts several Office and 356 products. Attackers may exploit this vulnerability to steal private data from individuals or organizations. A patch should be available on August 13th.</p><p></p><p>The flaw in question, nicknamed "Microsoft Office Spoofing Vulnerability" and tracked as CVE-2024-38200, is relatively easy to exploit. An attacker doesn't need to trick their victim into opening a malicious file or running a bad program. They simply need to guide the victim to a website that contains a "specially crafted file," according to Microsoft.</p><p></p><p>The following products are impacted by CVE-2024-38200:</p><ul> <li data-xf-list-type="ul"> Microsoft Office 2016 (32-bit & 64-bit)</li> <li data-xf-list-type="ul"> Microsoft Office 2016 (32-bit & 64-bit)</li> <li data-xf-list-type="ul"> Microsoft Office LTSC 2021 (32-bit & 64-bit)</li> <li data-xf-list-type="ul"> Microsoft 365 Apps for Enterprise (32-bit & 64-bit)</li> </ul><p>MITRE says that attackers are highly likely to exploit this vulnerability. For its part, Microsoft marks exploitability as "less likely," meaning that a patch should be available before attackers can figure out how to build the malicious file needed for exploitation. (In any case, individuals or organizations who fail to install the needed security updates will be at risk of attack.)</p><p></p><p>Microsoft attributes the discovery of CVE-2024-38200 to PrivSec Consulting's Jim Rush and Synack Red Team's Metin Yunus Kandemir. Evidently, Rush plans to discuss this and other Microsoft Software vulnerabilities at DEF CON 2024 (which runs from August 8th to the 11th).</p><p></p><p>Individuals who utilize an affected version of Microsoft Office should, as always, avoid opening unknown websites (particularly those shared via email). Organizations may take more aggressive steps the mitigate their risk—Microsoft suggests adding sensitive users to the Protected Users Security Group. Blocking TCP 445/SMB outbound in firewall and VPN settings may also reduce potential exposure. Both of these changes can be reversed after installing Microsoft's security patch, which is tentatively planned for August 13th.</p><p></p><p>Microsoft is currently working to patch several flaws across the Windows operating system and its first-party apps. One of these flaws, which could let an attacker "unpatch" a system and take advantage of outdated exploits, is particularly interesting and insidious.</p><p></p><p>[URL unfurl="true"]https://www.bleepingcomputer.com/news/security/microsoft-discloses-office-zero-day-still-working-on-a-patch/[/URL]</p></blockquote><p></p>
[QUOTE="lokamoka820, post: 1096846, member: 108773"] Microsoft has disclosed a zero-day "max severity" vulnerability that impacts several Office and 356 products. Attackers may exploit this vulnerability to steal private data from individuals or organizations. A patch should be available on August 13th. The flaw in question, nicknamed "Microsoft Office Spoofing Vulnerability" and tracked as CVE-2024-38200, is relatively easy to exploit. An attacker doesn't need to trick their victim into opening a malicious file or running a bad program. They simply need to guide the victim to a website that contains a "specially crafted file," according to Microsoft. The following products are impacted by CVE-2024-38200: [LIST] [*] Microsoft Office 2016 (32-bit & 64-bit) [*] Microsoft Office 2016 (32-bit & 64-bit) [*] Microsoft Office LTSC 2021 (32-bit & 64-bit) [*] Microsoft 365 Apps for Enterprise (32-bit & 64-bit) [/LIST] MITRE says that attackers are highly likely to exploit this vulnerability. For its part, Microsoft marks exploitability as "less likely," meaning that a patch should be available before attackers can figure out how to build the malicious file needed for exploitation. (In any case, individuals or organizations who fail to install the needed security updates will be at risk of attack.) Microsoft attributes the discovery of CVE-2024-38200 to PrivSec Consulting's Jim Rush and Synack Red Team's Metin Yunus Kandemir. Evidently, Rush plans to discuss this and other Microsoft Software vulnerabilities at DEF CON 2024 (which runs from August 8th to the 11th). Individuals who utilize an affected version of Microsoft Office should, as always, avoid opening unknown websites (particularly those shared via email). Organizations may take more aggressive steps the mitigate their risk—Microsoft suggests adding sensitive users to the Protected Users Security Group. Blocking TCP 445/SMB outbound in firewall and VPN settings may also reduce potential exposure. Both of these changes can be reversed after installing Microsoft's security patch, which is tentatively planned for August 13th. Microsoft is currently working to patch several flaws across the Windows operating system and its first-party apps. One of these flaws, which could let an attacker "unpatch" a system and take advantage of outdated exploits, is particularly interesting and insidious. [URL unfurl="true"]https://www.bleepingcomputer.com/news/security/microsoft-discloses-office-zero-day-still-working-on-a-patch/[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
