Microsoft warns that attackers are actively targeting Windows Vista.

aztony

aztony

Level 9
Thread author
Verified
Oct 15, 2013
501
Microsoft warned Tuesday that attackers are actively targeting Windows Vista, as well as Microsoft Office 2003 through 2010, with an attack that would give hackers the same rights as the victim.

“The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment,” Microsoft said. “If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged-on user.”
Click to expand...
http://www.pcworld.com/article/2061280/windows-vista-lync-older-office-versions-under-attack-via-new-vulnerability.html#tk.nl_secur
 
Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Article may be confusing, plus the link didn't open.

Here's another link about the Office/Lync zero-day exploit:
http://www.tomsguide.com/us/microsoft-office-zero-day,news-17830.html

Breakdown:
- All versions of Windows are affected for Office 2003 and 2007 users
- Windows XP affected only for Office 2010 users, but not on Windows 7 or higher.
Because, Vista is vulnerable with or without Office installed. Other Windows versions are safe, if you do not have Office installed.

However, here's Microsoft FixIt for Windows Vista SP2/Server 2008 users:
https://support.microsoft.com/kb/2896666
Or use EMET.
 
aztony

aztony

Level 9
Thread author
Verified
Oct 15, 2013
501
Earth said:
Article may be confusing, plus the link didn't open.
Click to expand...
Don't know why the link doesn't work for you. I tested it right after I posted the article, and then again before replying to your comment. Works fine for me. Thnx for adding add'l info.
 
Gnosis

Gnosis

Level 5
Apr 26, 2011
2,779
Attack me all you want. I am sandboxed, and my
bb is ready to pick a fight.
Besides that, I have PCHunter to give me the bad news if I am infected.
 
B

Batzzz

Level 1
Verified
Nov 25, 2015
16
I find it important to keep everything up to date and modern, it doesnt remove all your chances of getting attacked but helps minimize them. I have word 2010 on my laptop because im a lazy so ill make sure to update.
 
You must log in or register to reply here.

Similar threads

F
    • Like
    • +Reputation
Security News Windows Kernel bug fixed last month exploited as zero-day since August
Replies
0
Views
1,107
Security News
Freki123
F
M
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters
Replies
1
Views
181
Microsoft Defender
Bot
Bot
Gandalf_The_Grey
    • Like
Microsoft pulls fix for Outlook bug behind ICS security alerts
Replies
1
Views
135
Office, email and business apps
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top