MS Word Zero Day Bug Puts Essentially All Windows Systems at Risk
-
Ars Technica reports on a new zero day bug that affects basically all versions of Word and allows for malware to be installed on basically any version of Windows, including Windows 10 which is generally considered to be the most secure version of Windows yet. There is no patch yet and exploits are already in the wild. So everyone running Windows and Word, which is a pretty big cross-section of the world, is at risk today.
-
Ouch. That is very impactful. Anyone here seen it happen yet?
-
Most people are going to be saved by protected view initially.
So it is going to come down to the contents. Is it something that the user will click past protected view?
-
@Reid-Cooper said in MS Word Zero Day Bug Puts Essentially All Windows Systems at Risk:
Ouch. That is very impactful. Anyone here seen it happen yet?
We were hoping for a sample to try in our malware analysis lab, but I cant find any yet.
-
Any news on a patch yet?
-
Tomorrow is the patch according to update on the ars link.
-
I am more interested in seeing how this exploit works
-
@IRJ The Ars article goes into some depth, with links to the research
-
-
@mlnews The speed at which this 0 day has been exploited is a bit insane.
-
@DustinB3403 said in MS Word Zero Day Bug Puts Essentially All Windows Systems at Risk:
@mlnews The speed at which this 0 day has been exploited is a bit insane.
The speed at which we found out about how this 0 day has been exploited is a bit insane.
What, you think other zero days aren't immediately exploited?
-
@travisdh1 No, yeah that's a good point.
Just didn't think about it like that.
