Results for microsoft office

Threat Research

New Remcos RAT Variant is Spreading by Exploiting CVE-2017-11882

Several days ago, FortiGuard Labs captured a malware sample that was exploiting the Microsoft Office vulnerability CVE-2017-11882 patched by Microsoft last November. The sample is an RTF document with an Equation object. By analyzing its behavior in my test environment, I realized that it spreads a new variant of Remcos RAT, version “2.0.4 Pro,” that was released on April 7, 2018 from its official website. It is able to control the victim’s PC after infection.

By Xiaopeng ZhangMay 04, 2018

Threat Research

FortiGuard Labs Discovers Multiple Use-After-Free Vulnerabilities in Microsoft Word

During the last few months, FortiGuard Labs discovered and reported multiple use-after-free (UAF) vulnerabilities found in different versions of Microsoft Word. These vulnerabilities were patched in the January and March security updates, respectively. These patches are rated as critical/important, and as always, we urge users update Microsoft Office as soon as possible.

By Wayne Chin Yick LowMarch 22, 2018

Industry Trends

Public Cloud Security: Making It a Business Enabler

In general, if a cybercriminal is able to successfully launch an attack at an owner-operated IT infrastructure, they can also launch one at a cloud service provider. In fact, public cloud services have become highly attractive targets for cybercriminals. For them, breaking into a cloud service is like merging onto a superhighway that can deliver their little bundles of evil far and wide, potentially impacting hundreds or thousands of organizations with a single strike.

By Jeannette JarvisDecember 04, 2017

Threat Research

Cybercriminals Exploiting Microsoft’s Vulnerable Dynamic Data Exchange Protocol

Visa Payment Systems Intelligence recently announced that cybercriminals are threatening the payments ecosystem by leveraging a vulnerable Microsoft Dynamic Data Exchange protocol in phishing campaigns. This phishing attack relies on the Dynamic Data Exchange (DDE) protocol for infection instead of the usual malicious macros or an exploit kit. FortiGuard Labs has issued three IPS signatures that defend our customers against these attacks.

By FortiGuard SE TeamNovember 17, 2017

Threat Research

A 14-day Journey through Embedded Open Type Font Fuzzing

One of our daily routines as researchers here at FortiGuard Labs is to write and maintain our internal fuzzers to help us more effectively find potential vulnerabilities on different software products. In this blog post we would like to share how we discovered multiple Embedded Open Type (EOT) font vulnerabilities by using a combination of dumb and intelligent open source fuzzers.

By Wayne Chin Yick LowOctober 19, 2017

Threat Research

It's Still Patch Tuesday - FortiGuard Labs Discloses Microsoft Office Word Double Free Vulnerability

Overview From the Yes, You Really Should Upgrade Department, FortiGuard Labs has discovered a third Microsoft Office Vulnerability that is rolled into today's Patch Tuesday updates. For a bit of variety, this is a double free vulnerability in Word 2007 and 2010. The vulnerability occurs when Word fails to validate that a pointer was already released before attempting to release it again, causing conditions that attackers could leverage to achieve remote code execution scenarios. The underlying problem involves an internal structure...

By Kai LuDecember 08, 2015

Threat Research

Patch Tuesday Part Deux: FortiGuard Labs Discloses Microsoft Excel Memory Corruption Vulnerability

Overview Microsoft Patch Tuesday continues with another FortiGuard vulnerability disclosure, this time affecting Microsoft Excel. For a bit of background on Microsoft Office in general and Office 2007 in particular, check out today's first disclosure. In this case, a memory corruption vulnerability has been discovered in Microsoft Excel 2007. The vulnerability exists due to an error while the vulnerable software attempts to open a specially crafted Excel file. As with the other disclosures today, this vulnerability could lead...

By Kai LuDecember 08, 2015

Threat Research

It's Patch Tuesday - FortiGuard Labs Discloses a Microsoft Word Heap Overflow Vulnerability

Overview Microsoft Office is the most popular productivity suite in the world, first released by the Redmond software giant in 1988. Microsoft releases updates and patches for its software, including Office, on what is now commonly known as Patch Tuesday (the second and sometimes the fourth Tuesday of each month). Today, Patch Tuesday includes not one, not two, but three vulnerabilities discovered by researchers at FortiGuard Labs. The first is a heap overflow vulnerability Microsoft Word 2007. Although it was released eight years ago, Office...

By Kai LuDecember 08, 2015