comscore Microsoft warns of security bug exploiting 'preview email' to hack PC
News

Microsoft warns of security bug exploiting 'preview email' to hack PC

Microsoft has reportedly warned that previewing emails before hitting send could allow hackers gain control of a user's PC. The software maker said that cyber criminals were actively exploiting a new

  • Published: March 27, 2014 12:06 PM IST
microsoft

microsoftMicrosoft has reportedly warned that previewing emails before hitting send could allow hackers gain control of a user’s PC. The software maker said that cyber criminals were actively exploiting a newly discovered Microsoft Word bug that could be exploited to gain remote access of a system. Also Read - Instagram, TikTok scams targeting youngsters with ransomware, bots and more: Report

According to PC World, the attack is delivered using booby-trapped Rich Text (RTF) files and accessing or previewing a bugged file with Word grants the attacker the same rights as the current user. And the worst part is that Word is the default document viewer in Outlook 2007, 2010 and 2013. Also Read - Microsoft working on improving Windows 11 performance with updates starting next year

Microsoft is only aware of the limited, targeted attacks against Word 2010, but the bug affects Word 2013, Word 2013 RT, Word 2007, Word 2003, Microsoft Office for Mac 2011, and related programs like Word Compatibility Viewer and Word Automation Services on Microsoft SharePoint Server, the report said. Also Read - Microsoft New Xbox app solves game installation problem

Although Microsoft has issued a Fix It to neutralize the exploit by going the nuclear route and barring all RTFs, but since RTF formats are popular than Microsoft’s .Doc formats, users could configure Outlook settings to avoid any potential hacks.

Users should try to stay away from RTF files, but if there is no other option, they could scan it with security software first. Microsoft said that running its Enhanced Mitigation Experience Toolkit (EMET) could also protect against the exploit.

The report said that since the exploit also involves Word 2003, and Office 2003 is going end-of-life on April 8 with Windows XP, it means no more security patches for such issues and users must adopt the updated versions.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: March 27, 2014 12:06 PM IST



new arrivals in india

Best Sellers