Another dangerous vulnerabilities in Microsoft products

It is difficult to debate the necessity of installing security updates. Certain things you just have to do or rely on default settings that regularly and automatically do what you need for a Windows user. So if your systems are constantly updated, you have nothing to fear. Otherwise, you should at least consider releasing updates and installing security patches - all this through numerous vulnerabilities detected in Word security and the Windows JET database engine used by MS Access and Visual Basic

Vulnerability in MS Word and MS Outlook

We wrote about the latest vulnerability in the Microsoft Outlook e-mail client. Recall that it was about loading content from a remote server in a RTF message, which caused malicious code to run without user interaction.

Without gaps, MS Word has not survived. In recent months, analysts from Fortinet's FortiGuard Labs have reported numerous "use-after-free" vulnerabilities in the security of various versions of Word. These vulnerabilities have been corrected in January and March Microsoft product security updates. Relevant patches have been identified as critical, and users have been encouraged to update the MS Office suite as soon as possible.

The term "use-after-free" refers to a vulnerability that allows an attacker to access memory after it is released, which can cause program failure, allow dangerous code to run, or even execute it remotely by a cybercriminal.

In this situation, if the user opens a malicious document in MS Word, even after it has been closed, an additional code may be activated with the rights of the active Windows user

- comments Robert Dąbrowski, head of the Fortinet engineering team.

For example, one of these vulnerabilities in MS Word occurred when the program tried to parse a specially crafted RTF file. Thanks to him, the criminal could remotely exploit the vulnerability to run arbitrary code. This vulnerability was considered critical because there is a high probability that it could be used to launch an attack.

A vulnerability in MS Windows Jet

Researchers from the same company also detected vulnerability in another Microsoft product - Windows JET. It is a database engine used by MS Access and Visual Basic. Informed about the case Microsoft published on October 10 a guide with an amendment to this vulnerability.

dangerous gaps in MS

In this case, the vulnerability exists in the DLL library in the " msexcl40.dll " file, which is a component of all supported versions of Windows systems 7 through 10. The vulnerability could be triggered with a specially crafted Excel file.

We recommend that readers update their system and office suite from Microsoft if Windows has not yet done so automatically. The use of the latest patches will allow you not to endanger yourself.



Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.