A New Zero-Day Attack Is Creating Problems For Microsoft Word Users


April 11, 2017

All Microsoft users need to be aware of a new threat that has been targeting fully-patched systems using a zero-day attack. This attack installs malware through an Office vulnerability. Until a patch to solve this issue has been released, we strongly recommended that you instruct your staff not to open or send Word documents via email.

security padlock

In the short-term, Microsoft Office has a ‘Protected View’ setting that should be enabled by default. Take a moment to check that this feature is activated, and if you open a Word document and see a pop-up, it’s a strong indication that your system has been compromised. More than just being wary of Word documents sent to you by email, there are several other precautions we recommend you take:

  • Make sure your team is aware of this threat and the risk level it presents
  • Use an alternative method to share documents
  • Use your email filtering solution to temporarily block Word documents
  • If your systems are managed through an Active Directory, temporarily disable the Group Policy Object (GPO) that allows users to edit flagged files
  • Enable the GPO that uses ‘File Block’ to temporarily block .rtf files completely, not even allowing them to open in ‘Protected View’

While as of right now there is no patch available to correct this vulnerability, Microsoft has stated that they are working on the issue. A fix is expected over the next day or so with the next batch of updates. In the meantime, use caution when opening email attachments, and avoid opening Word files sent to you if at all possible. Keep an eye out for communications from Microsoft, and be sure to install any updates the moment they’re made available to you.

If you have questions about this zero-day attack or want to learn more about how you can protect your business from these types of threats, get in touch with Integris at sales@integrisit.com or (888) 330-8808. We’re the IT professionals businesses in Baltimore, Washington, DC And Across Maryland trust.

We're Integris. We're always working to empower people through technology.

Keep reading

Cybersecurity: The Operating Expense that Makes You Money

Cybersecurity: The Operating Expense that Makes You Money

When I went to college, I, like many of you, had to lay down a lot of cash for a lot of things. Tuition. Books. A computer. Even those late-night pizzas and ramen noodles. But, in the end, those expenses were worth it, because it established a foundation for me...

Mac Cybersecurity Tips for Business

Mac Cybersecurity Tips for Business

Looking for Mac Security Services for Your Business? Here's What You Need to Know to Outfit and Secure a Mac-Based Office. It happens at nearly every business. You've built your operations around PCs, yet, there's that small contingent of employees who insist they'd...