A new zero-day security flaw affecting all versions of Microsoft Office Word has been revealed. Researchers said the bug can be used to secretly install malware, even on fully patched machines.
Unlike common Word document attacks, this flaw doesn't rely on macros to execute. It is triggered when the victim opens a 'poisoned' Word document that downloads a fake Rich Text document from a server. This document is, in reality, a malicious HTML application disguised as a Word document. This application then downloads and runs a script that is used to install additional malware in the background.
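The disguise described above can be checked for during triage by comparing a file's extension with what its content actually is. This is an added example, not code from the original advisory; the function names and the sample bytes are constructed for illustration.

```python
import os
import re

# Leading bytes of formats Word legitimately opens.
MAGIC = {
    "rtf": b"{\\rtf",
    "ole": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # legacy binary .doc
    "zip": b"PK\x03\x04",                         # .docx / .docm container
}
EXPECTED = {".rtf": {"rtf"}, ".doc": {"ole", "rtf"}, ".docx": {"zip"}}

# HTML application / script markup, matched case-insensitively.
SCRIPT_MARKUP = re.compile(rb"<\s*(script|hta:application)\b", re.IGNORECASE)


def sniff(data):
    """Return the format name suggested by the first bytes, or 'unknown'."""
    for name, magic in MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"


def triage(filename, data):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    ext = os.path.splitext(filename)[1].lower()
    kind = sniff(data)
    if ext in EXPECTED and kind not in EXPECTED[ext]:
        findings.append(f"extension {ext} but content looks like {kind}")
    # Checked even when the header is valid: HTML parsers tolerate leading
    # non-HTML bytes, so a correct RTF header alone proves nothing.
    # Skipped for zip containers, whose payload is compressed.
    if kind != "zip" and SCRIPT_MARKUP.search(data):
        findings.append("script/HTA markup in a file presented as a document")
    return findings


# Constructed samples (inert placeholders, not taken from any real attack).
SAMPLES = {
    "report.rtf": b"{\\rtf1\\ansi Quarterly report}",
    "template.rtf": b"<html><script language='VBScript'>' placeholder</script></html>",
    "mixed.rtf": b"{\\rtf1\\ansi text}\n<SCRIPT>' placeholder</SCRIPT>",
    "notes.docx": b"PK\x03\x04" + b"\x00" * 16,
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, "->", triage(name, blob) or "clean")
```

A finding is a reason to quarantine the file for analysis, not proof of compromise; ordinary documents that quote HTML source can also match the markup check.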
How to protect yourself before the patch is applied
- Do not open any Office files obtained from untrusted locations.
- Enable Office Protected View since this attack cannot bypass it.
To open a document in Protected View, take these steps:
- Click File >> Open.
- On the Open dialog box, click the arrow next to the Open button.
- From the list, click Open in Protected View.