Hapless victims can become infected simply by opening malicious documents, which can arrive as email attachments or as downloads. Microsoft on Friday (June 7) tweeted out a series of warnings from its Security Intelligence Twitter feed that an “active malware campaign” was sending malicious email messages containing corrupted files to users in Europe. The command-and-control server for this campaign is now offline, but it would be simple for the attackers to resume operations with a new server. Other groups have exploited the same Office flaw in the past, and it’s sure to be part of an attacker’s toolkit for the foreseeable future. To make sure you’re immune to this flaw, make sure your Windows 7, 8.1 or 10 machines are fully patched. Go into Windows Update and check when your latest updates were run; if it was earlier than November 2017, you’re still vulnerable. Microsoft Office 2019 should not be vulnerable, but older versions of Office may be. The flaw, known only by the catalog name CVE-2017-11882, has to do with the way Office handles Rich Text Format (RTF) files and translates certain bits of code using a component called Equation Editor. If a user of an unpatched system opens a malicious RTF file in Microsoft Word, “the RTF file downloads and runs multiple scripts of different types (VBScript, PowerShell, PHP, others) to download the [malware] payload,” Microsoft explained Friday. “The backdoor payload then tries to connect to a malicious domain” that, fortunately, is “currently down.” The bug dates all the way back to 2000 and the first edition of Equation Editor, which let users construct scientific and mathematical formulas in Word. A different equation editor was introduced in Office 2007, but the older Equation Editor was kept on for compatibility purposes. Microsoft’s patch of CVE-2017-11882 in November 2017 revealed to the world the existence of the longstanding flaw in Equation Editor, and attackers began using it to target unpatched systems. As a result, Microsoft removed Equation Editor from then-supported versions of Microsoft Office (opens in new tab) (Office 2007, 2010, 2013 and 2016) with a subsequent patch in January 2018. This article originally appeared on Tom’s Guide.

Windows 10 Security and Networking

Previous TipNext Tip

Use the Windows 10 Parental ControlsFind Your MAC AddressTurn Your Windows PC into a Wi-Fi HotspotPassword Protect a FolderCreate a Guest Account in Windows 10Enable Windows Hello Fingerprint LoginSet Up Windows Hello Facial RecognitionHow to Restrict Cortana’s Ever-Present Listening in Windows 10Automatically Lock Your PC with Dynamic LockBlacklist Non-Windows Store AppsFind Saved Wi-Fi PasswordsSet Up a Metered Internet ConnectionUse Find My DeviceStream XBox One GamesAll Windows 10 TipsMap a Network DriveCreate Limited User AccountsSet Time Limits for KidsPin People to Your Taskbar