microsoft office

In general, if a cybercriminal is able to successfully launch an attack at an owner-operated IT infrastructure, they can also launch one at a cloud service provider. In fact, public cloud services have become highly attractive targets for cybercriminals. For them, breaking into a cloud service is like merging onto a superhighway that can deliver their little bundles of evil far and wide, potentially impacting hundreds or thousands of organizations with a single strike. [Read More]
by RSS Jeannette Jarvis  |  Dec 04, 2017  |  Filed in: Industry Trends
Visa Payment Systems Intelligence recently announced that cybercriminals are threatening the payments ecosystem by leveraging a vulnerable Microsoft Dynamic Data Exchange protocol in phishing campaigns. This phishing attack relies on the Dynamic Data Exchange (DDE) protocol for infection instead of the usual malicious macros or an exploit kit. FortiGuard Labs has issued three IPS signatures that defend our customers against these attacks. [Read More]
by RSS FortiGuard SE Team  |  Nov 17, 2017  |  Filed in: Security Research
One of our daily routines as researchers here at FortiGuard Labs is to write and maintain our internal fuzzers to help us more effectively find potential vulnerabilities on different software products. In this blog post we would like to share how we discovered multiple Embedded Open Type (EOT) font vulnerabilities by using a combination of dumb and intelligent open source fuzzers. [Read More]
by RSS Wayne Chin Yick Low  |  Oct 19, 2017  |  Filed in: Security Research
Overview From the Yes, You Really Should Upgrade Department, FortiGuard Labs has discovered a third Microsoft Office Vulnerability that is rolled into today's Patch Tuesday updates. For a bit of variety, this is a double free vulnerability in Word 2007 and 2010. The vulnerability occurs when Word fails to validate that a pointer was already released before attempting to release it again, causing conditions that attackers could leverage to achieve remote code execution scenarios. The underlying problem involves an internal structure... [Read More]
by RSS Kai Lu  |  Dec 08, 2015  |  Filed in: Security Research
Overview Microsoft Patch Tuesday continues with another FortiGuard vulnerability disclosure, this time affecting Microsoft Excel. For a bit of background on Microsoft Office in general and Office 2007 in particular, check out today's first disclosure. In this case, a memory corruption vulnerability has been discovered in Microsoft Excel 2007. The vulnerability exists due to an error while the vulnerable software attempts to open a specially crafted Excel file. As with the other disclosures today, this vulnerability could lead... [Read More]
by RSS Kai Lu  |  Dec 08, 2015  |  Filed in: Security Research
Overview Microsoft Office is the most popular productivity suite in the world, first released by the Redmond software giant in 1988. Microsoft releases updates and patches for its software, including Office, on what is now commonly known as Patch Tuesday (the second and sometimes the fourth Tuesday of each month). Today, Patch Tuesday includes not one, not two, but three vulnerabilities discovered by researchers at FortiGuard Labs. The first is a heap overflow vulnerability Microsoft Word 2007. Although it was released eight years ago, Office... [Read More]
by RSS Kai Lu  |  Dec 08, 2015  |  Filed in: Security Research
Modern malware use every possible vector of attack to infect a system. Emails, which are available to almost everyone, are common carriers. In this type of attack, attackers try to lure users to open malicious attachments that look like documents, but have multiple file extensions, such as “financial.doc.exe”. Most of the time, the user only sees the “financial.doc” filename without the ".exe" extension, which makes it easy to assume that it is a Microsoft Word document. Once the file is clicked and executed, the... [Read More]
by RSS Raul Alvarez  |  Apr 29, 2015  |  Filed in: Security Research
In early November, we experienced an influx of Microsoft Word documents that contained malicious macros. Just when the computer security industry was on the verge of forgetting these oldies, they rose to life once again, proving that they’re not allowing themselves to be eliminated that easily. In June, Ruhai Zhang warned of macro threats that continue to spread, particularly those that use Microsoft Excel. In this blog post, I will go over a family of Microsoft Word macros, detected as WM/Agent!tr, that I have encountered in the past couple... [Read More]
by RSS Sousan Yazdi  |  Jan 06, 2015  |  Filed in: Security Research
Whenever we refer to macro threats, we are reminded of those malicious macros in the old days which infect Microsoft Office documents. Contrary to popular belief, macro threats haven't completely disappeared. Even with many new security features added to Microsoft Office and even with the improvement of people's security consciousness, macro threats still continue to persist. These new macro threats, however, have changed their role from being infectors into droppers that could decrypt/decode/drop/execute the payload. In this way, the payload... [Read More]
by RSS Ruhai Zhang  |  Jun 17, 2014  |  Filed in: Security Research
Updates, upgrades and patches, oh my. The week of May 7-11 was indeed a week of major patches from some of the biggest players. The good news is, many of the most popular OSes, Web browsers and applications are now a tad more secure. Here is a look at last week's security news. Patch Tuesday Delivers Three Critical Updates: For its regularly scheduled Patch Tuesday security update, Microsoft released a total of seven bulletins, three designated with the highest severity rating of “critical,” repairing a total of 23 vulnerabilities in Microsoft... [Read More]
by RSS Stefanie Hoffman  |  May 14, 2012  |  Filed in: Industry Trends