Microsoft Office Users Attacked By Cybercriminals

Microsoft has warned that cybercriminals have attacked users of its Office software for Windows PCs, exploiting a programming flaw that the software giant has yet to repair. The company issued the warning on July 14, Tuesday, as it released patches to address nine other security holes in its software. “Despite today’s fixes, Windows users continue to be under attack. Microsoft is taking two steps forward, while attackers are putting it one step back,” said Dave Marcus, McAfee’s Avert Labs director of security research.

Cybercriminals target Microsoft programs because they are so widely used, allowing them to go after the largest number of potential victims with one set of code. (Windows runs more than 90 percent of the world’s PCs. Office has some 500 million users). Hackers take advantage of the Office vulnerability by booby-trapping websites with malicious code that loads onto computers running Office software. Infected PCs are commandeered into a botnet, a network of hijacked computers. They are used for identity theft, spamming and other cybercrimes.

More from Biztech

Future Group - Reliance Retail Deal approved by CCI RBI ban on cryptocurrencies takes effect; prohibition could force investors to tap the black market

Microsoft did not say how many machines were attacked. Users can prevent attacks by disabling functions within the Office software that allow it to work over the Web. Microsoft has posted a tool for doing that on its website – http://support.microsoft.com/kb/973472 Office XP, 2003 and 2007 are vulnerable to the attacks. (Reuters)