Sunday April 09, 2017

Booby-Trapped Word Documents Exploit Critical Microsoft 0-Day

Not that any of you are stupid enough to open an attachment without looking over the e-mail first, but there is a new exploit going around that targets Microsoft Word. This one is supposedly special because it doesn’t involve macros and even opens a decoy document to dupe the user into thinking nothing happened. Naturally, the exploit allows for full code execution on the victim's machine.

News Image

The attack starts with an e-mail that attaches a malicious Word document, according to a blog post published Saturday by researchers from security firm FireEye. Once opened, exploit code concealed inside the document connects to an attacker-controlled server. It downloads a malicious HTML application file that's disguised to look like a document created in Microsoft's Rich Text Format. Behind the scenes, the .hta file downloads additional payloads from "different well-known malware families."