Your company's ad could live here and reach over 50,000 people a month!

Share This Post

Microsoft Office / Security

Microsoft Word Being Used as a Trojan Horse, Microsoft Says the Vulnerability Doesn’t Meet the Security Bar to Warrant a Fix

Microsoft Word Being Used as a Trojan Horse, Microsoft Says the Vulnerability Doesn’t Meet the Security Bar to Warrant a Fix
Subscribe
Voiced by Amazon Polly

Mimecast Research Labs has identified a memory corruption problem with Microsoft Word in that attackers can use the exploit to bypass Windows antimalware security – and apparently, some are actively exploiting it now.

Our detection engines spotted an attacker group, which seems to originate from Serbia, using specially-crafted Microsoft Word documents to take advantage of how Microsoft Word handles Integer Overflow errors in the OLE file format. The group was able to exploit this bug to circumvent many security solutions designed to protect data from infestation, including leading sandbox and anti-malware technologies.

According to Mimecast, it notified Microsoft way back in May of 2018.  Two days later, Microsoft told Mimecast that the issue didn’t meet the security bar, so a fix wouldn’t be forthcoming.

Mimecast has just produced a blog post detailing the exploit: THE RETURN OF THE EQUATION EDITOR EXPLOIT – DIFAT OVERFLOW

Share This Post

Leave a Reply