Information provided by Corey Nachreiner with WatchGuard Security Center
- These vulnerabilities affect: Microsoft Word 2007 (and related components)
- How an attacker exploits them: By enticing users to open or interact with a maliciously crafted Word document
- Impact: In the worst case, an attacker can gain complete control of your Windows computer
- What to do: Install the appropriate Microsoft patches as soon as possible, or let Windows Automatic Update do it for you.
As part of today’s Patch Day, Microsoft released a security bulletin describing a vulnerability affecting Word 2007, and related software like the Office compatibility pack.
Word is the popular word processor that ships with Office. It suffers from A memory corruption vulnerabilities having to do with how it handles embedded fonts in documents. By luring one of your users into downloading and opening a malicious Word document, an attacker can exploit this flaw to execute code on that user’s computer, with that user’s privileges. If your users have local administrator privileges, the attacker gains complete control of their PCs.
Microsoft only rates this update as Important (their medium severity), since it requires user interaction to succeed. However, we’ve seen many attackers successfully use malicious Office documents in emails, as part of their advanced spear-phishing campaigns. For that reason, we recommend you install Microsoft’s Word updates as soon as you can.
Microsoft has released a Word (and related product) update to correct these vulnerabilities. You should download, test, and deploy the appropriate updates throughout your network as soon as possible. If you choose, you can also let Windows Update automatically download and install these updates for you.
For All WatchGuard Users:
WatchGuard’s Gateway Antivirus service can often prevent the most common malicious documents from reaching your users. You can also leverage our XTM appliance’s proxies policies to block all Word documents if you like; though most administrators prefer not to since Office documents are often shared as part of business. To fully protect yourself, we recommend you install Microsoft’s updates.
Microsoft has released patches correcting these issues.
- Microsoft Security Bulletin MS14-034