The third deadliest zero-day error in Word

Hackers have just launched a malicious attack on a deadly security bug in Microsoft Word.

Thus, this is the third consecutive security bug discovered in Microsoft's famous Word application within the past week. All three security flaws have been exploited by hackers to attack the Internet user community.

The malicious code began to be distributed online via Milw0rm.com from Tuesday (December 12). Now any object of the global hacker community can easily find and use this malicious code.

Picture 1 of The third deadliest zero-day error in Word Mr. David Marcus - McAfee's director of communications and security research - said that like other security flaws discovered in Word, this security error also allows an attacker to activate it. every part of the system makes a mistake.

Hackers have taken advantage of security flaws in targeted attacks that are very clear. They do not send spams and attach a malicious Word file that only sends to certain objects. The technique to trick users into opening files is still a "social engineering" technique that is very popular in attacks like this.

For example, in the latest attack that took place on Sunday, an email containing a malicious Word file was sent directly to three leaders in a company, Marcus said.

A Microsoft spokesman confirmed that the company is currently investigating further this newly discovered security error. Although the new bug attack code in Word has not yet spread widely, it also causes many concerns for the business user community.

Marc Maiffret - Technical Director of eEye Digital Security - said that over the past time the number of targeted attacks on Word has skyrocketed. Every month there are new security bugs discovered in the Microsoft Office suite.

Hoang Dung