Microsoft has released a software patch to prevent hackers from infecting Office software

Microsoft issues patch to protect Office

Microsoft has released an emergency fix after having learned hackers were exploiting a previously unknown security flaw to attack the popular Office software.

The temporary solution, known as Fix It, should prevent hackers from further infecting users’ PC’s with tainted Word documents.

The current patch is only temporary and a proper solution will be available with Microsoft’s next regular software update. Users have to download Fix Its and install them manually on their PCs.

According to an announcement on the company’s website, only a "very limited" number of attacks exploiting the newly discovered zero day vulnerability has been reported, with most of them taking place in the Middle East and South Asia.

It has been reported that victims were receiving emails asking them to open the tainted Word documents.

The vulnerability affects customers using Office 2003 and Office 2007 as well as those running Office 2010 on Windows XP and Server 2003.

"Zero day" vulnerabilities are usually used by hackers to attack a limited number of high-value targets in a bid to keep the flaws a secret as long as possible.

Typically, when makers of widely used software programs issue a warning about a zero-day bug, groups of hackers rush to reverse-engineer the Fix Its so they can build computer viruses that also exploit the same vulnerabilities.

Stuart McClure, chief executive officer of the cybersecurity firm Cylance, said that businesses using vulnerable versions of Office should install the Fix It to prevent attacks.

"I definitely think it is something that needs to be patched," he said.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them