There has been a recent discovery that hackers have been working on attempts to abuse a decade old Microsoft Office flaw with the help of new creative email scams. If the scam is affective on a user’s workstation it will install a memory corruption bug that will execute a memory code which can allow attackers remote access to the device. This is especially a problem for user accounts that have administrative privileges which would allow a hacker complete control of the system. If complete remote control is obtained, this could mean that an attacker could install programs at will, access and delete data, and create new accounts with full access rights.
The email scam these hackers are using is configured to trick users into opening a specific file containing an infected copy of Microsoft Office or Microsoft WordPad. A direct quote from Daniel Markuson, Digital Privacy Expert at NordVPN states “The malware targeting a decade-old MS Office vulnerability must have been under the radar, as it has been spreading through emails for three years now”. Something else that has come to light with this issue is that researchers have found that businesses are more vulnerable to attacks and more likely to be infiltrated because a mass email can be sent out to all users in a company and it is more likely that multiple users can fall prey to the attackers.
When it comes to individual users, it is advised that you spend more time being aware of what you are actually opening when it comes to attachments and who the sender of the email is. If you run into anything along these lines, we here at Frankenstein Computers and Networking are available for assistance with Virus/Malware removal and providing quality antivirus software to help protect your system and data. Please do not hesitate to contact us and we will be more than happy to provide support as always.
Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in IT Support, IT Service, MAC repair, PC Repair, Virus Removal, and much more. Give us a call for remote support or drop in to drop off.