On Tuesday, experts say that Microsoft will patch the vulnerability as the attackers have been exploiting an unpatched vulnerability in Microsoft Word. Attackers were trying to compromise computers and infect them with malware and viruses. Malicious Word Document is attached to an e-mail that creates an outbreak, according to a blog post published on Saturday. When this document which is used in this attack are opened, they reach out to an external server and downloads an HTA (HTML Application) file that contains nasty VBScript executed. The HTA file is masked as an RTF (Rich Text Format) document and is executed automatically.
The researchers of McAfee said: “The successful feat closes the bait Word document, and shows a fake one to show the victim.” They further added, “In the background, the malware has already been furtively installed on the system of the victim.” FireEye security researchers also said that they were aware of all these attacks that have exploited for several weeks and have synchronized disclosure with Microsoft.
FireEye said that the malicious word documents were sent as email attachments. Both McAfee and FireEye stated that the feat can bypass most memory-based mitigations that are included in Windows. This has happened because vulnerability is not a programming error but a logic bug.
Another attack named Zero-day attacks are assisted only in selecting individuals. For example: People those who work with a government contractor or a government agency. On Tuesday, Microsoft would be scheduling its monthly security updates but the vulnerability of this patch would be included or not is still not known. Users should be aware of the documents that they receive from untrusted sites and should immediately enable the office protected view mode allowing to block this attack.