Monday, December 23
Shadow

Tag: security firm

Critical Word 0-day is only 1 out of 3 Microsoft bugs under attack

Critical Word 0-day is only 1 out of 3 Microsoft bugs under attack

Technology
A zero-day code-execution vulnerability in Microsoft Office is one of three critical flaws under active attack in the wild, Microsoft warned Tuesday as it rolled out a batch of updates that plug the security holes. Further Reading Microsoft Word 0-day used to push dangerous Dridex malware on millions As reported earlier, attackers are exploiting the flaw to infect unsuspecting Word users with bank-fraud malware known as Dridex. Blog posts published Tuesday morning by security firms Netskope and FireEye reported that attackers are exploiting the same bug to install malware with the names Godzilla and Latenbot. Ryan Hanson, a researcher at security firm Optiv and the person Microsoft credited with reporting the critical bug, said exploits can execute malicious code even w...