- LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO HOW TO
- LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO PATCH
- LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO CODE
If you use Outlook, consider switching your email to plain text. Sophos’s Email Appliance and UTM products can do this for you.Ĭonsider using Microsoft’s Fix it solution to turn off Word’s ability to open and view RTF content altogether.Ĭonsider using Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) as a way to sandbox Microsoft Office to make it harder to exploit.ĮMET can prevent unpatched vulnerabilities from being successfully weaponised. You can reduce your exposure to attacks delivered in RTF files with these steps:Ĭonsider blocking or quarantining these files by type or extension at your email gateway. Szappi noticed the 20 exploits were intially seen almost exclusively in attacks that were probably initiated for intelligence gathering purposes, presumably by hackers paid to conduct national or industrial espionage.īut over the past year, that has changed so that these exploits now appear frequently in broader attacks mounted by cybercriminals focused on making money through bots and zombies.ĭon’t wait for that to happen here – mitigate the CVE-2014-1761 problem right away! SophosLabs researcher Gabor Szappanos (Szappi) recently published a paper analysing the historical record of these two vulnerabilities – both are generally exploited by what Microsoft above calls “specially crafted RTF files” – and discovered an interesting phenomenon. These previous exploits are two and four years old respectively, and go by the tags CVE-2010-3333 and CVE-2012-0158. This sounds surprisingly like two existing, well-known Word exploits that have been widely used over the past few years. Sophos products detect booby-trapped files exploiting this vulnerability as Exp/20141761-A. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO CODE
The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word.
That’s the case with this latest alert about what is known as CVE-2014-1761, as Microsoft explains:
(This is rather dramatically called weaponising a vulnerability.)īut in the case of a zero-day, the weaponisation has already happened.
LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO HOW TO
The crooks might never actually manage to work out how to turn the vulnerability into a practicable exploit.
LIBREOFFICE OPENOFFICE BUG ALLOWS HACKERS TO PATCH
Many, if not most, software vulnerabilities are hard to exploit, meaning that even if you patch some time after the fix was available, you might get lucky. It gives Microsoft time to test, and test again, that the patches don’t cause problems that outweigh the security risk or, worse, open up yet more security holes.Īnd it lets IT teams plan their routine patching to minimise disruption.īut when the crooks start using an exploit before a patch is available, the hole is rather quaintly called a zero-day, or 0-day (pronounced “oh day”), because the maximum number of days you could have been patched ahead of the exploit was zero. This is a good approach for patching vulnerabilities for which no known exploit yet exists, or exploits that were discovered by Microsoft’s own researchers, or holes that were found privately and responsibly disclosed to Microsoft so it could fix them before they became publicly known. Usually, Microsoft’s updates appear in a regular, frequent and predictable way, published on Patch Tuesday, the second Tuesday of every month. In the wild means the crooks not only can get in, but are actively doing so already.An exploit is a way for the crooks to use a vulnerability in practice, and actually get in.A vulnerability is the flaw that caused the bug that could let crooks get in.To clarify the jargon in that first sentence: Microsoft has issued an emergency security alert about an in-the-wild exploitable vulnerability in Word.
0 kommentar(er)
