Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

https://firewall.firm.in/wp-content/uploads/2024/08/ms.png

Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security

Office Vulnerability

Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors.

The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office –

  • Microsoft Office 2016 for 32-bit edition and 64-bit editions
  • Microsoft Office LTSC 2021 for 32-bit and 64-bit editions
  • Microsoft 365 Apps for Enterprise for 32-bit and 64-bit Systems
  • Microsoft Office 2019 for 32-bit and 64-bit editions

Credited with discovering and reporting the vulnerability are researchers Jim Rush and Metin Yunus Kandemir.

Cybersecurity

“In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability,” Microsoft said in an advisory.

“However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.”

A formal patch for CVE-2024-38200 is expected to be shipped on August 13 as part of its monthly Patch Tuesday updates, but the tech giant said it identified an alternative fix that it has enabled via Feature Flighting as of July 30, 2024.

It also noted that while customers are already protected on all in-support versions of Microsoft Office and Microsoft 365, it’s essential to update to the final version of the patch when it becomes available in a couple of days for optimal protection.

Microsoft, which has tagged the flaw with an “Exploitation Less Likely” assessment, has further outlined three mitigation strategies –

  • Block TCP 445/SMB outbound from the network by using a perimeter firewall, a local firewall, and via VPN settings to prevent the sending of NTLM authentication messages to remote file shares
Cybersecurity

The disclosure comes as Microsoft said it’s working on addressing two zero-day flaws (CVE-2024-38202 and CVE-2024-21302) that could be exploited to “unpatch” up-to-date Windows systems and reintroduce old vulnerabilities.

Earlier this week, Elastic Security Labs lifted the lid on a variety of methods that attackers can avail in order to run malicious apps without triggering Windows Smart App Control and SmartScreen warnings, including a technique called LNK stomping that’s been exploited in the wild for over six years.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket