Hackers are exploiting a vulnerability in Microsoft Word to plant malware on Windows PCs, Microsoft has reported. The bug in Microsoft Word 2002, 2003, 2007, and 2010 was patched November 9 as part of Microsoft’s monthly security update. Word 2008 and 2011 for the Mac have also been patched, but Microsoft has not yet issued a fix for the same flaw in the older Word 2004. Only windows versions are affected.
The attack uses a malicious RTF (Rich Text Format) file to generate a stack overflow in Word on Windows. Following a successful exploit, the attack code downloads and runs a Trojan horse on the compromised computer.
More information about the vulnerability can be found in the MS10-087 security bulletin.
If you have not installed this update (or any others) MTI strongly recommends doing so. Call us today to schedule your update visit.
*All IT work should be done by a certified professional. MTI makes no guarantees to the success of individuals attempting to utilize these directions. Data loss is a possibility and MTI is not responsible for actions taken by readers to attempt these processes.