Yahoo Finance ‘ACT QUICKLY’: The Word doc that could hack your computer
Australians are being urged to avoid certain Microsoft Office documents that have been loaded with malware that could allow hackers to take over personal devices.
Any device that operates on Microsoft Windows is currently vulnerable to this attack.
Microsoft said it was currently investigating this “remote code execution vulnerability” that potentially allows malicious actors to remotely control computers.
“Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,” Microsoft said in a security update.
“An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.”
Also read:
It appears the main danger is opening the actual document, which would leave the victim exposed to having their device remotely controlled.
“The attacker would then have to convince the user to open the malicious document.”
Users who have administrative user rights are more impacted by this attack than users whose accounts are configured to have fewer rights.
To get into the technicalities, the specific name for this vulnerability is CVE-2021-40444.
Microsoft
identified a limited number of targeted attacks. To protect customers, please see https://t.co/6dFo6QAMcF for mitigation guidance.— Security Response (@msftsecresponse) September 7, 2021
How do I protect myself?
According to an alert from the Australian Cyber Security Centre (ASCS), titled “ACT QUICKLY: HIGH ALERT”, Microsoft actually doesn’t have a patch yet that protects you from this.
But there are temporary mitigating measures and workarounds that can help protect you in the meantime.
This includes making sure you open documents in Protected View or Application Guard for Office, both of which Microsoft said would prevent the attack.
Meanwhile, if you use Internet Explorer, you should “disabl[e] the installation of all ActiveX controls”.
Microsoft has further instructions on how to do that here.
Microsoft also said that their Defender Antivirus and Defender for Endpoint should also protect against this vulnerability.
In the meantime, keep an eye out for any suspicious documents and for security updates from Microsoft.
“Customers should keep anti-malware products up to date. Customers who utilise automatic updates do not need to take additional action,” Microsoft stated.
After finishing the investigation, the tech giant will “take the appropriate action” to protect customers, its security update said.
“This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”
WATCH BELOW: 4 Tips for Spotting and Avoiding Common Scams
Microsoft targeted
Microsoft made headlines earlier this year when it was revealed its servers were attacked by Chinese hackers.
The hackers were from an organisation called Hafnium, a state-sponsored group operating out of China, which exploited Microsoft’s email service, gaining access to computers.
Days after the attack, the ASCS warned several Australian organisations had been affected and were yet to patch up the vulnerabilities.
Vulnerabilities exploited by hackers would allow an attacker to write files, execute code and have a high degree of access to the Microsoft Windows operating system.
More broadly, Australians are being increasingly urged to be more careful about suspicious texts, emails or phone calls that may spoof well-known and trusted organisations like Australia Post, or Big Banks, but are in fact scammers hoping to steal personal and banking information.
So far this year, Australians have reported losing more than $192 million to scammers, with the true figure likely to be much higher.
Read more:
Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter.
