All the latest UK technology news, reviews and analysis

Zero-day Office attacks leave experts worried

by Shaun Nichols

More from this author

07 Feb 2007

Be the first to comment

  • Tweet this
Microsoft
Five unpatched Office vulnerabilities are leading to a 'malware storm'

Security experts have voiced grave concerns for the safety of users in the wake of a string of active exploits for Microsoft Office.

Cory Nachreiner, a network security analyst at WatchGuard Technologies, said that the crop of five unpatched Office vulnerabilities is leading to a "malware storm" and asked whether "every day is zero day" for Microsoft Office. 

"Microsoft had better get in gear and at least laminate its paper bag so we can weather this malware storm," the analyst said.

Nachreiner's comments come after the disclosure of a fifth new vulnerability in Microsoft Office.  

The latest vulnerability affects Excel, and allows attackers to remotely execute code on a compromised system. The four previous vulnerabilities all targeted Microsoft Word.

Attackers have been exploiting the newly-discovered vulnerabilities in recent weeks. The Excel vulnerability has been used by attackers to install working malware applications. Attacks targeting unpatched vulnerabilities in Word also continue to circulate.  

Microsoft and third-party security vendors have warned users not to open any unsolicited or otherwise suspicious file attachments.

Nachreiner warned that the consequences could be dire if Microsoft is unable to publish fixes for all of the Office vulnerabilities by next Tuesday's monthly security update.

"With a bunch of zero-day vulnerabilities actively floating around the internet, I hope Microsoft fixes these Office issues soon, preferably this upcoming patch day," said Nachreiner.

"If it does not, many innocent Office users will get blown away by the ongoing malware storm."

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

german flag

Germany backs away from ACTA

Related white papers

Related articles

Related jobs

Today's top stories

heartvalentinesday

Top 10 Valentine's Day technology matches made in heaven

Microsoft Windows 8 start screen

Microsoft talks up Windows 8 for ARM hardware

Security enhancements will be added with the Chrome 17 update

Chrome for Android hands on review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Senior Account Manager/IT Account Manager - West London - £38k

Senior Account Manager/IT Account Manager - West London...

Implementation Manager, (Project Manager/Business Analyst)

Implementation Manager, (Project Manager/Business Analyst...

2nd Line Engineer - 6 month initial contact-Up to £20 per hour

2nd Line Engineer - Desktop/Remote - Active Directory...

.NET Developer - MS Gold Partner - Glasgow, Scotland

.NET Developer (VB.NET, VB, dot NET, Desktop, Winforms...

To send to more than one email address, simply separate each address with a comma.