Monday, 10 April 2017

Critical zero-day vulnerability endangers Windows users



Security researchers have discovered a critical zero-day vulnerability affecting Windows and Office. Attackers use the hole, by way of an RTF document, to install malware on remote systems. Microsoft is already working on a solution.


Security experts from McAfee and FireEye recently announced a zero-day vulnerability in Microsoft Office. It allows attackers, for example, to plant malware on a victim's PC using a simple Word document.


The file is usually sent as an e-mail attachment. After the file is opened, exploit code is executed, which connects to the attacker's server. From there, an HTML application (HTA) file disguised as a Microsoft RTF (Rich Text Format) document is loaded onto the affected computer without the user's knowledge.


The HTA file is then executed automatically, giving the attackers full control over the compromised device. The criminals can subsequently download additional payloads from various known malware families.


Microsoft is working to fix the problem


Windows 10 is considered to be the most secure version of the operating system from Redmond, but this zero-day attack also works on this OS. Microsoft is aware of this vulnerability, according to the researchers. The company has therefore announced a security update for this Tuesday.

Security researchers advise not opening unexpected e-mail attachments, even if the sender is known. The "Office Protected View" function promises additional protection. In this view, the malicious file does not work.


Office Protected View


To check whether the security option is enabled in Office, first open the "File" tab. Then click on "Options" and the "Security Center" menu item. Select the "Security Center Settings" option, then click on "Protected View". In the right-hand pane, check that all boxes are ticked. If they are, Office Protected View is enabled.
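
The same three checkboxes (found under "Trust Center" in English-language Office) can also be read from the registry, which is useful when many machines have to be checked. The PowerShell below is an added example, not part of the original article; it assumes Word from Office 2016 or later (registry version key 16.0), and the function name Get-ProtectedViewStatus is hypothetical.

```powershell
# Added example: audit Word's Protected View settings for the current user.
# Assumption: Office 2016 or later ("16.0"); adjust $OfficeVersion for older releases.
$OfficeVersion = '16.0'
$App           = 'Word'

# Each Protected View checkbox maps to one DWORD value; 1 means the box is unticked.
$Settings = [ordered]@{
    DisableInternetFilesInPV   = 'Files originating from the Internet'
    DisableUnsafeLocationsInPV = 'Files located in potentially unsafe locations'
    DisableAttachmentsInPV     = 'Outlook attachments'
}

# A Group Policy value takes precedence over the user's own choice, so check it first.
$Paths = @(
    "HKCU:\Software\Policies\Microsoft\Office\$OfficeVersion\$App\Security\ProtectedView",
    "HKCU:\Software\Microsoft\Office\$OfficeVersion\$App\Security\ProtectedView"
)

# Hypothetical helper: returns one object per checkbox with its effective state.
function Get-ProtectedViewStatus {
    foreach ($name in $Settings.Keys) {
        $value  = $null
        $source = 'default (value not set)'
        foreach ($path in $Paths) {
            $prop = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
            if ($null -ne $prop) {
                $value  = $prop.$name
                $source = $path
                break
            }
        }
        [pscustomobject]@{
            Setting = $Settings[$name]
            Enabled = ($value -ne 1)   # missing value or 0 = Protected View on (the default)
            Source  = $source
        }
    }
}

$status = Get-ProtectedViewStatus
$status | Format-Table -AutoSize
if ($status.Enabled -contains $false) {
    Write-Warning 'At least one Protected View option is disabled for this user.'
}
```

Run it in the context of the user whose Office profile is being checked, since the values live under HKCU.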
