MS Office Archives - Help Net Security

MS Office

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

March 14, 2023

It’s March 2023 Patch Tuesday, and Microsoft has delivered fixes for 76 CVE-numbered vulnerabilities, including two actively exploited in the wild (CVE-2023-23397, …

Microsoft to boost protection against malicious OneNote documents

March 10, 2023

Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document – a known …

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

March 6, 2023

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly …

Office exploits continue to spread more than any other category of malware

September 29, 2022

The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an …

Escanor malware delivered in weaponized Microsoft Office documents

August 22, 2022

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram …

87% of the ransomware found on the dark web has been delivered via malicious macros

August 3, 2022

Venafi announced the findings of a dark web investigation into ransomware spread via malicious macros. Conducted in partnership with criminal intelligence provider Forensic …

Microsoft adds default protection against RDP brute-force attacks

July 21, 2022

“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,” David Weston of Enterprise and OS Security at …

Attackers are leveraging Follina. What can you do?

June 3, 2022

As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a …

Microsoft Office apps are vulnerable to IDN homograph attacks

June 2, 2022

Microsoft Office apps – including Outlook – are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users …

Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)

May 31, 2022

A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers …

Windows Autopatch: Managed enterprise patching for Windows and Office

April 11, 2022

While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims make the second …

Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)

January 11, 2022

The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …

MS Office

Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880)

Microsoft to boost protection against malicious OneNote documents

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

Office exploits continue to spread more than any other category of malware

Escanor malware delivered in weaponized Microsoft Office documents

87% of the ransomware found on the dark web has been delivered via malicious macros

Microsoft adds default protection against RDP brute-force attacks

Attackers are leveraging Follina. What can you do?

Microsoft Office apps are vulnerable to IDN homograph attacks

Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)

Windows Autopatch: Managed enterprise patching for Windows and Office

Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)

Don't miss

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

Top ways attackers are targeting your endpoints

Why organizations shouldn’t fold to cybercriminal requests

Fake ChatGPT for Google extension hijacks Facebook accounts

A common user mistake can lead to compromised Okta login credentials