A new threat has been discovered for Windows 10 users who use Microsoft Office installed on their PCs.
Users who use the software are being told to immediately update their PCs, or download the latest security updates.
Check Point Research (CPR) team warned over a “new vulnerability found” which effects the “entire Microsoft Office ecosystem.”
This includes, Excel, Outlook and Office and the updates users are being told to install are: CVE-2021-31174, CVE-2021-31178, CVE-2021-31179 and CVE-2021-31939 to ensure your PC is safe.
Explaining more about the attack
Yaniv Balmas, Head of Cyber Research at Check Point Software explained about the attack, “The vulnerabilities found affect almost the entire Microsoft Office ecosystem.
“It’s possible to execute such an attack on almost any Office software, including Word, Outlook and others.
“We learned that the vulnerabilities are due to parsing mistakes made in legacy code. One of the primary learning’s from our research is that legacy code continues to be a weak link in the security chain, especially in complex software like Microsoft Office.
“Even though we found only four vulnerabilities on the attack surface in our research, one can never tell how many more vulnerabilities like these are still laying around waiting to be found.
“I strongly urge Windows users to update their software immediately, as there are numerous attack vectors possible by an attacker who triggers the vulnerabilities that we found.”
Leave a Comment