office – Page 3 – Computer Security Articles

Flash, Windows Users: It’s Time to Patch

March 13, 2018 admin Adobe Flash Player, Chris Goettl, Exchange Server, Internet Explorer, Ivanti, Jimmy Graham, microsoft, Microsoft Patch Tuesday March 2018, office, Sharepoint, Time to Patch, windows

Credit to Author: BrianKrebs| Date: Tue, 13 Mar 2018 19:36:28 +0000

Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release. The Microsoft updates affect all supported Windows operating systems, as well as all supported versions of Internet Explorer/Edge, Office, Sharepoint and Exchange Server. All of the critical vulnerabilities from Microsoft are in browsers and browser-related technologies, according to a post from security firm Qualys.

MalwareBytes Security

Old MS Office feature weaponized in malspam attacks

October 17, 2017 admin DDE, DDEAUTO, macro, malspam, malware, microsoft, office, Threat analysis, Word

Credit to Author: Jérôme Segura| Date: Tue, 17 Oct 2017 15:00:16 +0000

An old Microsoft Office feature has been brought back to the forefront as way to distribute malware without relying on macros or exploits.

Categories:

Tags: DDE DDEAUTO macro malspam malware microsoft Office word

Independent Krebs

Microsoft’s October Patch Batch Fixes 62 Flaws

October 16, 2017 admin adobe, Bishop Fox, Checkpoint, Flash Player, October 2017 patch tuesday, office, Other, reader, sans internet storm center, SEC Consult, windows, Windows 8, Windows Server 2012, Windows subsystem for Linux

Credit to Author: BrianKrebs| Date: Wed, 11 Oct 2017 14:18:40 +0000

Microsoft on Tuesday released software updates to fix at least 62 security vulnerabilities in Windows, Office and other software. Two of those flaws were detailed publicly before yesterday’s patches were released, and one of them is already being exploited in active attacks, so attackers already have a head start.

MalwareBytes Security

Fake IRS notice delivers customized spying tool

September 21, 2017 admin CP2000, CVE-2017-0199, doc, exploit, irs, malspam, malware, office, phishing, Rat, remote administration tool, RMS, spy, Threat analysis, Word

Credit to Author: Jérôme Segura| Date: Thu, 21 Sep 2017 15:00:24 +0000

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

Categories:

Tags: CP2000 CVE-2017-0199 doc exploit IRS malspam malware Office phishing rat remote administration tool RMS spy word

(Read more…)

The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.

Microsoft Security

Office 2013 can now block macros to help prevent infection

January 23, 2017 admin Antimalware research for IT pros and enthusiasts, Macro-based malware, office, Product features and announcements

In response to the growing trend of macro-based threats, a new feature in Office 2016 allows an enterprise administrator to block users from running macros in Office documents that originated from the Internet. This feature was documented back in March: New feature in Office 2016 can block macros and help prevent infection, and the predominant…

Microsoft Security

Where’s the Macro? Malware authors are now using OLE embedding to deliver malicious files

January 23, 2017 admin Antimalware research for IT pros and enthusiasts, CAPTCHA, Cerber, Donvibs, macro malware, Macro-based malware, malicious JS scripts, malicious VB files, Microsoft Office, office, OLE-embedded objects, ransomware, TrojanDownloader:VBS/Donvibs, TrojanDownloader:VBS/Vibrio, Vibrio

Recently, we’ve seen reports of malicious files that misuse the legitimate Office object linking and embedding (OLE) capability to trick users into enabling and downloading malicious content. Previously, we’ve seen macros used in a similar matter, and this use of OLE might indicate a shift in behavior as administrators and enterprises are mitigating against this…

Microsoft Security

Malicious macro using a sneaky new trick

January 23, 2017 admin antimalware, Antimalware research for IT pros and enthusiasts, Donoff, guidance, Locky, macro, Macro-based malware, malware, malware research, office, ransomware, Social engineering, VBA, VBAscript, Windows 10, Windows Defender, Word

We recently came across a file (ORDER-549-6303896-2172940.docm, SHA1: 952d788f0759835553708dbe323fd08b5a33ec66) containing a VBA project that scripts a malicious macro (SHA1: 73c4c3869304a10ec598a50791b7de1e7da58f36). We added it under the detection TrojanDownloader:O97M/Donoff – a large family of Office-targeting macro-based malware that has been active for several years (see our blog category on macro-based malware for more blogs). However, there wasn’t…

Microsoft Security

New feature in Office 2016 can block macros and help prevent infection

January 23, 2017 admin Macro-based malware, office, spam

Macro-based malware is on the rise and we understand it is a frustrating experience for everyone. To help counter this threat, we are releasing a new feature in Office 2016 that blocks macros from loading in certain high-risk scenarios. Macro-based malware infection is still increasing Macro-based malware continues its rise. We featured macro-based malware…