For many years, users of Microsoft Office 2010 were instructed to watch out for a certain exploit that could leave them vulnerable to remote code execution. That particular exploit was listed by Internet security analysts as CVE-2012-0158, also known as the Microsoft Word intruder, which affected not only Office 2010 but also Office 2007 and Office 2013.
It so happens that cybercrime perpetrators have decided to modernize the old Microsoft Word intruder. In late July 2016, industry site IT World Canada covered an update from Internet security firm Sophos, which described updated versions of this exploit.
How the Microsoft Word Intruder Works
Contrary to what its name might suggest, the Microsoft Word intruder does not limit itself to Word documents. Just about any file format supported by Office 2010 can be used to launch the attack; this includes Rich Text Format (.rtf), an old Windows standard, and even HTML.
The basic mechanism of the exploit consists of distributing a document that contains an Encapsulated PostScript (EPS) file, which looks like a standard image. The targeted user does not usually suspect anything; however, the document acts like a booby trap in the sense that it executes malicious code in the background that connects the victimized computer, laptop, tablet, or smartphone to a rogue server.
Once the targeted device has been compromised, remote attacks can be launched on a network. Another scenario would be a computer becoming part of a botnet to distribute spam or malware.
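As an added example (not from the original article or from Sophos), here is one way a defender could triage incoming Office attachments for the embedded EPS content described above. It covers only ZIP-based Office formats (.docx, .xlsx, .pptx), not RTF or HTML; the function names and the sample file are constructed for illustration.

```python
import io
import zipfile

# Magic bytes that identify EPS content regardless of the part's file name.
EPS_ASCII_MAGIC = b"%!PS-Adobe"          # plain-text EPS header
EPS_BINARY_MAGIC = b"\xc5\xd0\xd3\xc6"   # EPS with DOS binary (preview) header


def looks_like_eps(head: bytes) -> bool:
    """Return True if the first bytes of a part match an EPS signature."""
    return head.startswith(EPS_BINARY_MAGIC) or head.lstrip().startswith(EPS_ASCII_MAGIC)


def find_eps_parts(document: bytes) -> list[tuple[str, str]]:
    """List (part name, reason) for every EPS part inside an OOXML container."""
    if not zipfile.is_zipfile(io.BytesIO(document)):
        return []  # not a ZIP-based Office file (e.g. RTF or legacy .doc)
    findings = []
    with zipfile.ZipFile(io.BytesIO(document)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            with archive.open(info) as part:
                head = part.read(64)  # the header is enough for a signature check
            if looks_like_eps(head):
                findings.append((info.filename, "EPS signature"))
            elif info.filename.lower().endswith((".eps", ".ps")):
                findings.append((info.filename, "EPS extension"))
    return findings


def build_sample_docx() -> bytes:
    """Constructed sample: a minimal container holding harmless EPS header bytes."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("word/document.xml", "<w:document/>")
        archive.writestr("word/media/image1.eps", b"%!PS-Adobe-3.0 EPSF-3.0\n")
        # EPS bytes behind an image extension are still caught by the signature.
        archive.writestr("word/media/image2.png", EPS_BINARY_MAGIC + b"\x00" * 28)
        archive.writestr("word/media/image3.png", b"\x89PNG\r\n\x1a\n")
    return buffer.getvalue()


if __name__ == "__main__":
    for name, reason in find_eps_parts(build_sample_docx()):
        print(f"{name}: {reason}")
```

A hit is a reason to quarantine and inspect the attachment, since EPS images are rare in ordinary business documents.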
The Updated Version of the Exploit
IT World Canada reports that the new version of this Microsoft Office 2010 cyber threat has become more sophisticated. In an effort to prevent suspicion among victims, the document inside the exploit kit has been significantly reduced in size and has been renamed to “document.xml,” although this may change from one cybercrime group to another.
In the past, known hacking outfits combined the Microsoft Word intruder with the FAREIT Trojan, which took advantage of a Windows PowerShell vulnerability. The new intruder is more likely to arrive via an email message with attachments.
The generic hook of the messages is written in “corporate speak” that makes vague references to payments, invoices, orders, price quotations, etc. Sophisticated cybercrime crews may conduct some research on their intended victims to craft the message. For example, the email address may be spoofed to resemble an internal user, and the message could be crafted in a way that resembles the office culture.
Corporate IT security managers in Canada should research the new threat, which has been filed as CVE-2015-2545, and apply the necessary patches to avoid being compromised. This new exploit kit actively targets Microsoft Office versions installed within a business network.
Windows 7, while known for its performance and stability, is not exactly the most feature-packed and exciting operating system out there. A number of features and programs that most users take for granted are not available in the system itself and need to be installed separately. Let’s take a look at a few now:
Google Chrome is the most popular browser these days, particularly among those who know their way around a computer. There are plenty of reasons: it’s fast, secure, and has an enormous number of extensions available to make it even more useful and customizable, which is important since this is likely to be the most used piece of software on your computer.
Windows comes with Internet Explorer as the default web browser. While it has improved significantly over the years, it still lacks many of the features that make alternatives like Chrome attractive. Chrome, for example, has a much larger extension library.
Firefox is the other major choice worth considering. Like Chrome, it is fast, features an enormous library of extensions and add-ons to expand functionality, and has lots of features to improve your security and privacy.
While the browser might be the most used software on your computer, your antivirus program is probably the most important, especially with Windows 7: this version of Windows lacks the built-in protection of the newer Windows operating systems.
When it comes to antivirus, there are several good choices, depending on what features you want and whether you want to pay for the software. The website av-test.org conducts tests of all the major antivirus software out there and provides detailed ratings and reviews. Their current top choices for Windows 7 are Avira Antivirus Pro 2016, Kaspersky Lab Internet Security 2016, Norton Security 2016, and Trend Micro Internet Security 2016. You can’t go wrong with any of these choices.
Having access to cloud storage is almost essential these days, especially if you use your computer for business, and Dropbox still tends to be the most popular. It’s reliable and affordably priced. Alternatives include Google Drive and Microsoft OneDrive. They all do pretty much the same thing.
Finally, we can’t forget about our entertainment! iTunes is, of course, extremely popular, but another excellent piece of software is VLC. VLC is a free media player that has become famous for being able to play basically any file type you can throw at it. Windows 7, by default, will be able to play many of the most common files, but there are plenty that it just can’t handle without additional software, and VLC takes care of that.