Electronic security Cisco Talos researchers recently discovered a critical vulnerability in Microsoft Office that would allow potential threat actors to remotely execute malicious code on a targeted endpoint.
Announcing the news in a short blog post published earlier this week, the desktop software The developer said its researcher Marcin ‘Icewall’ Noga has uncovered a double-layer feature-free vulnerability affecting Microsoft Excel.
By running an armed Excel file, the victim will allow the attacker to execute arbitrary code on their machine. The vulnerability is now tracked as CVE-2022-41106, otherwise details are scarce.
What we do know is that Microsoft was notified and has already provided a patch. Excel users are advised to update their software to Version 2207 Build 15427.20210 and Version 2202 Build 14931.20660.
Target office workers
Microsoft productivity Wing is still one of the most popular attack vectors among cybercriminals. Until recently, Office documents containing malicious macros, distributed via email, were the most common way to get office workers to download and run malware on their computers, opening the door to more destructive cyberattacks such as ransomware or Identity theft.
Recently, Microsoft decided to prevent the program from running macros at all, in files downloaded from the Internet, as opposed to a trusted local network.
This has prompted cybercriminals to move away from macros and to switch to Windows Shortcut (.lnk) files that are now widely used for side-loading malicious dlls and other types of malware.
No matter what security measures software makers and companies implement, one fact remains – employees are still the weakest link in the cyber security chain. Unless they are taught and trained to stop cyberattacks, scammers will always find a way to trick them into downloading and running malware.
Besides, making sure that employees are not overworked and distracted can also help improve the cyber security posture of any company.