New Word Zero-Day Vulnerability Is Being Exploited

image of computer hacker

Campus Technology is reporting that hackers are exploiting a vulnerability in Microsoft Word that allows malware to be downloaded.  The vulnerability is not associated with macros, as many in the past have been.   The new exploit allows a the download of malicious HTML applications from a server which is disguised as a Rich Text document.  A malicious script then is used to install malware.

McAfee was the first to report the discovery on Friday, April 7th.  The cybersecurity company FireEye agreed with McAfee on the cause of the vulnerability.

For more information see:

Campus Technology: Hackers are Attacking Word Users with Microsoft Office Zero-Day Vulnerability

ZD Net: Hackers are attacking Word users with new Microsoft Office zero-day vulnerability

EducationDive: Microsoft Word is the latest frontier for hackers