Which SSL Reviews

SSL Certificates

Microsoft Office Flaw Exploited By Cyber Criminals

December 12, 2013 | By Editor 

Microsoft Office Flaw

Attacks against Microsoft office that fully exploits multiple vulnerabilities found in the program has been witnessed. Officially, two hackers were involved in this attacks and reacting quickly to the issue, the firm has released a patch on Tuesday to fix any bugs that might give backdoor access to criminals. Using MS office is a very common habit among almost every corporate around the globe because of its ease of use and the productivity that the program provides.

Any bugs found in it is critical because it is being used often in a corporate environment than by individuals. There are thousands of companies which use cloud and local excel sheets to maintain their entire data. Even a single leak could lead to excessive damage and corrupt the entire backups that companies have relied on so far. While SSL certificates are used to encrypt websites and transactions done online, it is manual encryption tools that can help secure files.

Truecrpyt is one such solution and it helps users secure their data. According to official reports, the zero day bug found in MS Office was specifically targeted by two different criminal groups. So far, no community or hacker group has claimed name for this attempt as they usually do so. This leaves security experts filled with doubt about their motive and why would not they reveal themselves as they usually do.

Meanwhile, MS has traced the problem to be a remote code execution which allowed hackers to remotely exploit the software without any manual or digital virus injection. It was related to TIFF format graphics file found in the Office program that led to the breach. Any attacker once gained access to the program will be able to preview or make the user open Emails which will give them complete access as the user who’s using the file in the venue.

While the usual patch rolls out on Tuesday, Microsoft uses the Emergency Fix it program that stopped the zero day bug from being exploited further and fixed it. The concept of SSL Certificates may help in other areas, but timely patch and proper updates is what can protect you from being attacked. So far, these issues were found with older 2003, 2007 and 2010 versions of Microsoft Office. There’s the latest cloud based and offline 2013 version, but due to the reduced user base, criminals hardly target this area. Also, it was revealed that, one of the two attack groups was found to be operating from India, but it could be a bogus proxy.

Be part of an IT community with thousands of subscribers. Get the latest news, blogs, and thought leadership articles. Subscribe now
Email *

Posted in SSL Certificates

Be Sociable, Share!

Leave a Comment


* fields are mandatory