Unpatched Office attack reminds us: Don’t click on risky docs


An attacker will have to convince you to click on the document as well as turn off Protected View.





Microsoft is warning of a new Office vulnerability that can probably be avoided by continuing to use smart Internet practices. Namely, don’t open untrusted documents.

Researcher EXPMON reported a new vulnerability to Microsoft on Sunday, the company said, and Microsoft confirmed the vulnerability in a security update on Monday. Microsoft has yet to issue a patch, though Microsoft said it will “take the appropriate action to help protect our customers.”

The vulnerability takes advantage of the MSHTML rendering engine used by Internet Explorer, a browser that Microsoft has deprecated. (IE will still run within Edge, but within the browser’s sandbox, protecting your PC.) So instead, the attackers are targeting the IE engine running within Microsoft 365 or Office documents. If a malicious Office document is sent to you via email, then clicked upon and enabled, the vulnerability could be used to give an attacker control of your PC.

“An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine,” Microsoft said. “The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

Microsoft already has two layers of protection that will secure your PC against this threat. First, you have to click on the malicious document to open it. Second, if your PC is configured (as it should be) to first open a document in Protected View (which prompts a “Be careful, this file originated…” warning, and confirms you want to edit it), that vulnerability won’t manifest. It’s only if you click on the document and then turn off Protected View or Application Guard for Office that your PC could be at risk. So don’t do that, OK?

Finally, Microsoft’s last sentence drives home a key point—you might not be impacted as much if you’re running as a standard user rather than with full admin rights. There’s a reason we devoted a whole section to that very topic in our roundup of 5 easy tasks that can supercharge your security.
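To confirm that Protected View, the second layer described above, has not been switched off on a given PC, the following PowerShell audit reads the per-user Office settings. It is an added example, not code from this article or from Microsoft; it assumes the Office registry version key `16.0` (Office 2016, 2019 and Microsoft 365) and checks the three Trust Center Protected View values for Word, Excel and PowerPoint.

```powershell
# Added example: audit whether Protected View has been turned off for the
# current user. Assumption: Office version key "16.0" (2016/2019/365).
$officeVersion = '16.0'
$apps = 'Word', 'Excel', 'PowerPoint'

# Checked in order: a Group Policy value takes precedence over the user's
# own Trust Center choice.
$roots = @(
    'HKCU:\Software\Policies\Microsoft\Office'
    'HKCU:\Software\Microsoft\Office'
)

# A value of 1 means Protected View is DISABLED for that source of files.
$checks = [ordered]@{
    DisableInternetFilesInPV   = 'files downloaded from the Internet'
    DisableAttachmentsInPV     = 'Outlook attachments'
    DisableUnsafeLocationsInPV = 'files in potentially unsafe locations'
}

function Get-ProtectedViewFinding {
    foreach ($app in $apps) {
        foreach ($name in $checks.Keys) {
            # Office opens these files in Protected View when nothing is set.
            $state = 'Enabled (default)'; $source = 'not set'
            foreach ($root in $roots) {
                $key = "$root\$officeVersion\$app\Security\ProtectedView"
                $val = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
                if ($null -ne $val) {
                    $state  = if ($val -eq 1) { 'DISABLED' } else { 'Enabled' }
                    $source = $key
                    break   # the first root that defines the value decides
                }
            }
            [pscustomobject]@{
                App = $app; Covers = $checks[$name]
                ProtectedView = $state; Source = $source
            }
        }
    }
}

$findings = Get-ProtectedViewFinding
$findings | Format-Table App, Covers, ProtectedView, Source -AutoSize

$disabled = @($findings | Where-Object ProtectedView -eq 'DISABLED')
if ($disabled.Count -gt 0) {
    Write-Warning "$($disabled.Count) Protected View setting(s) are turned off; re-enable them in the Office Trust Center."
}
```

The script only reads the registry, so it can run as a standard user; run it in each user's session, since these settings are stored per user.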


As PCWorld’s senior editor, Mark focuses on Microsoft news and chip technology, among other beats.
