Top
image credit: Pixabay

Microsoft Office zero-day vulnerability that allows remote code execution is being actively exploited

September 8, 2021

Via: TechSpot

Expmon, one of several security firms that reported the zero-day exploit, told BleepingComputer the attack method is 100-percent reliable making it very dangerous. Once a user opens the document, it loads malware from a remote source. Expmon tweeted that users should not open any Office documents unless they are from an entirely trusted source.

The file that Expmon discovered was a Word document (.docx), but Microsoft did not indicate that the exploit was limited to Word files. Any document that can call on MSHTML is a potential vector.

Read More on TechSpot