Microsoft patches serious Word bug targeted by scammers

Microsoft patches serious Word bug targeted by scammers

A bug in Word that was apparently being used to try to steal banking logins will be patched, Microsoft has said.

The previously undetected, or "zero-day", vulnerability had been reported over the weekend.

Then, on 10 April, cybersecurity firm Proofpoint announced it had discovered an email campaign targeting the bug that aimed to distributed Dridex malware.

Dridex is designed to infect a victim's computer and snoop on banking logins.

In 2015, it was cited as the means by which cyber-attackers stole more than ?20m from British bank accounts.


The flaw discovered in many versions of Microsoft Word for Windows could allow malicious software, including Dridex, to be installed, according to cybersecurity researchers.

A scam email campaign was found to be distributing Microsoft Word RTF [Rich Text Format] documents to recipients that contained Dridex.

"During our testing (for example on Office 2010) the vulnerable system was fully exploited," wrote Proofpoint researchers in a blog.

"We plan to address this through an update on Tuesday April 11, and customers who have updates enabled will be protected automatically," said a Microsoft spokesman.

"Meanwhile we encourage customers to practise safe computing habits online, including exercising caution before opening unknown files and not downloading content from untrusted sources to avoid this type of issue."

Proofpoint also urged Microsoft Word users to install the security updates quickly.

"Because of the widespread effectiveness and rapid weaponisation of this exploit, it is critical that users and organisations apply the patch as soon as it becomes available," the firm said.



Add Comment

all comments

  Other news

more
Bill Wyman: Ex-Rolling Stones bassist puts 'treasure' on display

Bill Wyman: Ex-Rolling Stones bassist puts 'treasure' on display..

24-Jun, 06:25

A Roman lock and a 17th Century seal discovered by former Rolling Stones...

Pandas in Berlin: Meng Meng and Jiao Qing arrive in new home

Pandas in Berlin: Meng Meng and Jiao Qing arrive in new home..

24-Jun, 12:30

Two giant pandas have landed safely in Berlin accompanied by Chinese...

Simon Cowell’s Grenfell Tower single tops UK music charts - watch it here!

Simon Cowell’s Grenfell Tower single tops UK music charts - watch it here!..

24-Jun, 12:06

On Monday, a star-studded West End concert, Songs and Solidarity, is set...

Millennial magic

Millennial magic..

24-Jun, 22:40

Jeremy Corbyn continued his drive to appeal to young people with a visit...

McDonald's to offer $1 sodas after customer visits decline

McDonald's to offer $1 sodas after customer visits decline..

22-Feb, 15:08

McDonald's is hoping $1 sodas can help draw more customers into its...

Be careful if you're betting tax changes will boost stocks

Be careful if you're betting tax changes will boost stocks..

13-Apr, 10:56

Investors have pinned high hopes on President Donald Trump's tax reform...

Conservative Fillon restarts campaign after divisive scandal

Conservative Fillon restarts campaign after divisive scandal..

07-Mar, 14:55

French conservative candidate Francois Fillon has called on centrist...

United executives take questions about dragging passenger

United executives take questions about dragging passenger..

18-Apr, 16:48

The CEO and other United Airlines executives had comments and took...