Unpatched Office software still being used to attack computers
You might be forgiven for thinking that Microsoft Office isn’t so much software as a ‘trojan horse’ allowing hackers the opportunity to destroy, copy or ransom your valuable information.
That’s overkill, of course, but each week there’s yet another new attack on millions of computers relying on Microsoft Office. If it’s not a newly found security bug in one of the Office programs, it’s a cunning trick taking advantage of an existing security hole.
Here’s the latest example of hackers taking advantage of the unpatched and unwary.
Zyklon malware has been around since 2016 but is making a resurgence in the last few weeks.
It’s a multi-purpose nastie that can log your keystrokes (to get login details), copy passwords, start distributed denial of service (DDoS) attacks and even mine cryptocurrency. Zyklon “automatically detects and decrypts the licence/serial keys of more than 200 popular pieces of software, including Office, SQL Server, Adobe, and Nero”.
It’s reappearing on computers now courtesy of, you guessed it, security holes in Microsoft Office.
Three security bugs in Office are being leveraged in emails with infected .doc attachments. Once the hackers have used Microsoft Word to gain access, they install Zyklon and can ‘go to town’ on your computer, data and privacy.
What to do?
Hackers are counting on two things to make their attack work:
- Unpatched copies of Microsoft Office. It’s important to keep all your copies of Office up to date. Yes, it can be a PITA especially for older versions of Office. Yes, sometimes the patches themselves are faulty. Better to protect yourself from known security holes before it’s too late.
- Opening .doc files. It’s been ten years since .docx, .xlsx etc file formats came out. There’s no good reason for a legitimate email to use an old and suspect .doc, .xls or .ppt file attachments. If you get an .doc file from someone you think is ‘real’, don’t open it. Instead reply and politely ask them to resend as a .docx or .pdf.