How Do You Protect Yourself from Microsoft Office Malwares?
- 21 July, 2017 17:43
Recently, antivirus company McAfee has warned users that Microsoft office has a potentially harmful virus inside that can install Malware into the PC of users once the user installs MS Office in his or her computer. The installation of Malware could lead to the computer slowly deteriorating as well as theft of information.
Causes of the problem
According to McAfee, the cause of such security mishap is the Object, Linking, and Embedding technology that Microsoft uses.
The OLE technology is quite vulnerable to attack and can be used to hit users with Malware. According to a report from another development company, FireEye, who claims to have noticed this bug even before McAfee did, states that users who are targeted will be sent an email that has a Word Document with an OLE2link Object.
Once the user opens the document, Microsoft HTML application will execute a malicious file and flood the user’s computer with Malware.
McAfee also states that all MS Office versions are vulnerable to such attack.
Tips on how to avoid the virus
While there has been no definite way to cure the virus yet, McAfee gave users two tips on how to avoid this virus. These are:
- Do not open any MS Office emails or files that come from unknown locations or sources
- Always enable Office Protected View When you launch an MS Word file. McAfee also discovered that the virus is not able to execute or get into the system if the user opens the Word file in Protected View
Take extra precautionary steps
Although the previous two tips can be effective, there were times discovered that the virus was still able to bypass the Word document even if it was in Protected View.
With this, Ryan Hanson, a researcher at security firm Optiv, tweeted another way to help further secure users by adding another component to the Protected View. In his tweet, he told users to input a code in the Windows registry:
Software\Microsoft\Office\15.0\Word\Security\FileBlock\RtfFiles to 2 and OpenInProtectedView to 0.
By doing this, it is possible to further block off the virus and ensure that it won’t be able to bypass Protected view. Ryan Hanson also stated in his tweet that a pop up will appear when a user opens an RTF file wherein it will warn the user of an error in the file and will suggest File Block settings.
After the attack, a Microsoft spokesperson gave a statement regarding their movement to help eliminate the threat.
Since then, Microsoft has reported that they created a patch that will help block off the unwanted virus. Installing this patch in MS Office will help prevent any instances of viruses from attacking users who install MS Office into their computers.
Though they have already created a patch to address this issue, Microsoft also advises users to go through all the extra security measures in order to be fully protected from the said booby trap MS Office virus.
Taking precautionary measures and being extra vigilant when using or sharing information on the cloud will help protect not only yourself but your entire organization from cybersecurity issues.