Microsoft warns of certain attacks through Office files and how we can avoid them – Market Research Telecast

admin on September 8, 2021 Leave a Comment

The fact that Microsofts operating system, as well as its own office suite are among the most used every day on millions of computers around the world, makes them prime targets for cybercriminals. In this way, your threats can reach many more people and in this way, get a greater number of victims. This time, Microsoft is warning of the use of certain malicious files that try to install malware on our computers.

To do this, they usually use a .DOCX document that automatically opens the Internet Explorer browser to load the malicious website and that contains an ActiveX control that is responsible for automatically downloading the malware onto the victims computer. Several security researchers have informed Microsoft of these dangerous practices that are taking advantage of the vulnerability CVE-2021-40444.

The researchers themselves have managed to reproduce the attack on computers with the latest Office 2019 and Office 365 version on Windows 10. The way to act is through a Word document that carries an ActiveX control that is responsible for downloading the malware itself onto the computer just by opening said document.

Microsoft has confirmed that it has already got to work to solve the security problem, but in the meantime it is possible that many users could be victims of this type of attack. Therefore, they have given some guidelines to be able to avoid these attacks.

The technology giant indicates that the antivirus itself Microsoft Defender y Microsoft Defender for Endpoint they are able to detect this vulnerability and prevent us from being infected. Therefore, it is recommended to review your settings and make sure you have them activated on your computer. Similarly, in Microsoft Office we also find what we know as Application Guard, which allows you to detect untrusted files and avoid these types of infections.

In addition, users who make use of an account that does not have administrator permissions will be less exposed to attacks.

On the other hand, Microsoft indicates that another temporary solution for Office 365 users is disable ActiveX controls completely. In this way, we will prevent the hidden malware from being downloaded from the document. However, this requires making a change to some entries in the Windows registry. To do this, we just have to open a notepad and copy the code shown below:

[HKEY_LOCAL_MACHINE SOFTWARE Policies Microsoft Windows CurrentVersion Internet Settings Zones 0]

1001 = dword: 00000003

1004 = dword: 00000003

[HKEY_LOCAL_MACHINE SOFTWARE Policies Microsoft Windows CurrentVersion Internet Settings Zones 1]

1001 = dword: 00000003

1004 = dword: 00000003

[HKEY_LOCAL_MACHINE SOFTWARE Policies Microsoft Windows CurrentVersion Internet Settings Zones 2]

1001 = dword: 00000003

1004 = dword: 00000003

[HKEY_LOCAL_MACHINE SOFTWARE Policies Microsoft Windows CurrentVersion Internet Settings Zones 3]

1001 = dword: 00000003

1004 = dword: 00000003

Then we save it as a .reg file, we go to the path where we have saved it and we click on it to execute it. This will cause the appropriate changes to be made to the system registry to completely disable ActiveX.

.

See original here:
Microsoft warns of certain attacks through Office files and how we can avoid them - Market Research Telecast

Related Posts
Posted in Internet Security

Comments are closed.