Microsoft is drawing attention to a cybercrime campaign that relies on Office features to compromise Windows systems.
Office applications remain a favorite tool for cybercriminals to exploit to compromise Windows PCs en masse.
Earlier this month Microsoft warned that attackers were firing spam that exploited an Office flaw to install a trojan. The bug meant the attackers didn’t require Windows users to enable macros.
However, a new malware campaign that doesn’t exploit a specific vulnerability in Microsoft software takes the opposite approach, using malicious macro functions in an Excel attachment to compromise fully patched Windows PCs.
