Microsoft issues patch for zero-day exploit that uses malicious Office files

Microsoft has just rolled out an update fixing 66 security vulnerabilities as part of this month’s Patch Tuesday. One of them addresses a critical zero-day vulnerability that’s being actively exploited by hackers using Office files containing malicious ActiveX controls. A few days ago, Microsoft issued a warning about the flaw after being notified by security researchers who discovered that bad actors are exploiting it by tricking potential victims into opening malicious Office files. Upon being opened, the file automatically launches a page on Internet Explorer, which contains an ActiveX control that downloads malware onto the victim’s computer.

When Microsoft published the warning, it didn’t have a fix yet and

→ Continue reading at Engadget

Similar Articles


Most Popular

Public lands in eastern Washington to reopen Thursday

Public lands in eastern Washington will start reopening Sept. 16 for recreation, camping and hunting. WASHINGTON — The Department of Natural Resources (DNR)...

Apple Fitness+ adds Group Workouts so you can exercise with friends via SharePlay

Apple's fitness subscription service will soon make it easier for you to take a virtual class with friends and family. The new feature, dubbed...

The vanishing allure of doing business in China

IT IS NOTHING new for foreign firms to endure shakedowns by the Chinese Communist Party. As far back as revolutionary times, Chairman Mao’s victorious...