Microsoft Word is hit by a bug which was designed by the scammers to steal the baking logins of the users. Microsoft has been quick in coming up with an update before this Word bug can cause widespread financial loss. This Word bug was reported by a cyber-security firm named Proofpoint which stated that this bug has spread from an email campaign. The email campaign helped in distributed the Dridex malware which effectively targeted the Microsoft Word application in order to snoop upon the user’s banking login activity. Scammers have made use of a scam email campaign wherein they had distributed a Microsoft Word RTF (Rich Text File) documents which contained the Dridex within it.
The damage brought about by Dridex in the past
Just two ago cyber attackers made use of Dridex to steal about £20 million from the British bank accounts. Proofpoint has found that a vulnerability or flaw present in the Microsoft Word application for the Windows operating system has helped in installing and harbouring the Dridex. Micrsoft has not revealed whether the Word application on the Mac devices has been affected with this Word bug or not.
MS Word is ‘fully exploited’
Proofpoint researchers have explained in a blog that during their testing they found that the Microsoft Office 2010 can be fully exploited by the scammers for their own purpose. Microsoft brought an update on Tuesday April 11 to get rid of the Word bug and secure all the system from it. The updates have already been brought to Office 2010 and it will help in protecting it automatically.
Microsoft has also asked the customers to practice the safe computing habits in order to keep their devices secure against any such vulnerability and attack in future. One should always be cautious while opening unknown files or clicking on links present in the mail or on a dubious website. One should never indulge in downloading content from the untrusted sources on the internet in order to avoid falling to the traps of the scammers and cyber criminals.
Install the security patch quickly
Proofpoint has asked the Microsoft Word users to secure their system at the earliest by installing the latest security updates. They even stated that the when we encounter such security threats or vulnerability of a software or application which is used on a global scale then effort should be made towards growing ‘awareness’. Awareness helps in notifying the users to get rid of the application or stop using it for the time being in order to keep their devices secure. Secondly it adds pressure on the tech firm responsible for that application or program to come up with a security patch quickly.
Microsoft has also revealed that flaws have been found in two products which had been exploited by the scammers. One flaw was detected in the Internet Explorer which helps scammers in accessing sensitive information about the domain. However Microsoft has fixed all these flaws and vulnerability with the latest updates and users are simply to install it to secure their devices.