Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Microsoft warns Office and Microsoft 365 users of unpatched ‘security flaw’ – ET CISO

Microsoft warns Office and Microsoft 365 users of unpatched ‘security flaw’ – ET CISO

Microsoft warns Office and Microsoft 365 users of unpatched ‘security flaw’ – ET CISO

https://etimg.etb2bimg.com/thumb/msid-112484796,imgsize-121374,width-1200,height=765,overlay-etciso/ot-security/microsoft-warns-office-and-microsoft-365-users-of-unpatched-security-flaw.jpg

Microsoft has revealed a serious security flaw in its Office software that could expose sensitive information to hackers. The unpatched vulnerability, labeled CVE-2024-38200 and rated 7.5 on the CVSS scale, allows attackers to impersonate users and potentially access confidential data. Researchers Jim Rush and Metin Yunus Kandemir discovered the vulnerability and reported it to Microsoft.

To exploit the flaw, attackers would typically trick users into opening malicious files disguised as legitimate documents. While Microsoft has implemented a temporary fix, a permanent patch is scheduled for release on August 13 as part of its regular security updates.

“In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability,” Microsoft said in an advisory.

“However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.”

The affected versions include:

* Microsoft Office 2016 for 32-bit edition and 64-bit editions
* Microsoft Office LTSC 2021 for 32-bit and 64-bit editions
* Microsoft 365 Apps for Enterprise for 32-bit and 64-bit Systems
* Microsoft Office 2019 for 32-bit and 64-bit editions

Users are advised to exercise caution when opening Office documents from unknown sources and to install the official patch as soon as it becomes available. Also, while customers are already protected on all in-support versions of Microsoft Office and Microsoft 365, it’s important to update to the final version of the patch as and when it becomes available.

  • Published On Aug 13, 2024 at 10:51 AM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket