Hackers Use Apps Like Microsoft Office to Attack

Microsoft Office is the single most successful suite of productivity software applications in the history of computing. Since it is used by billions of people, both Mac and Windows users worldwide, that popularity has made it the focus of hackers. Over the past few months, we’ve seen that Office users are being more intensely targeted. One of the most common forms of attack is a malicious Word document or other Microsoft Office file attached to an innocent looking email.

Thankfully software is constantly being patched to fix problems as soon as they are discovered. Unfortunately there are plenty of ways to take advantage of security weaknesses within unpatched software. There are armies of bots sending messages and scanning systems for known vulnerabilities. These schemes include the use of remotely hosted malicious components embedded within documents that deliver “zero-day” exploits when a document is opened (zero-day means that the vulnerability has just been discovered and there is not a fix for it yet).

There are also registries called Common Vulnerabilities and Exposures or CVEs. CVEs are catalogs of instructions on how to exploit an unpatched system. (For example, with CVE-2018-8174 and CVE-2018-5002, attackers can leverage Word to exploit Adobe Flash Player (which we recommend everyone uninstall) and Internet Explorer. Then, using Word, attackers are able to exploit a browser even if it is not the default browser, and exploit Flash even though Flash might be blocked.) So, if you use Microsoft Office, Office 365 OR ANY OTHER SOFTWARE, you need patch early and often.

The most important question is: how do hardworking business owners ensure that their software is always up-to-date? How will you find the time to constantly update each and every piece of Mac or Windows software you use? How can you be knowledgeable about the many susceptibilities out there? You need to know that if your computer is not patched, you are a target.

SaviorLabs Can Help!

If you use software, continued vigilance is the key. As part of SaviorLabs’ services, we ensure that your systems are patched and updated regularly. Having a security plan, policy and procedures in place to prevent your computers and data from being exploited are all critical. SaviorLabs specializes in working with business owners to easily design and implement systems to protect their businesses.

We’ll conduct a FREE Network Assessment and provide you with a report on your network’s security vulnerabilities. Click here to learn more, or give us a call at 978-561-6025.