New Word Zero-Day Vulnerability Is Being Exploited

image of computer hacker

Campus Technology is reporting that hackers are exploiting a vulnerability in Microsoft Word that allows malware to be downloaded.  The vulnerability is not associated with macros, as many in the past have been.   The new exploit allows a the download of malicious HTML applications from a server which is disguised as a Rich Text document.  A malicious script then is used to install malware.

McAfee was the first to report the discovery on Friday, April 7th.  The cybersecurity company FireEye agreed with McAfee on the cause of the vulnerability.

For more information see:

Campus Technology: Hackers are Attacking Word Users with Microsoft Office Zero-Day Vulnerability

ZD Net: Hackers are attacking Word users with new Microsoft Office zero-day vulnerability

EducationDive: Microsoft Word is the latest frontier for hackers



WordPress: invalid_client Error Code

Wordpress logo

I was having trouble with a new self-hosted site i created when I tried to connect JetPack to my account.  I kept getting this error:

Invalid request, please go back and try again.

Error Code:invalid_client

Error Message: Unknown client_id.

I also got this code when I tried to manually add the site to the My Sites panel in my account.  From reading forum posts about this error, it also seems that it can occur when you try to reactivate the Jetpack plugin, after it has been deactivated for updates, etc.

I found this solution to the problem:

  1. Deactivate and Delete Jetpack plugin
  2. Go to your PHPMyAdmin
  3. Run the SQL Query : SELECT * FROM `wp_options` WHERE `option_name` LIKE '%jetpack_%'
  4. Delete the items that start with the option_name jetpack_
  5. Download and Install Jetpack.

It is really quite simple to do, and it worked perfectly.