The widespread use of Microsoft’s Windows operating system means that the software is a frequent target for hackers. One of the latest attacks focus on Windows Vista, the Lync messaging system, and older versions of Office, including versions 2003-2010. If attacks are successful, hackers gain the same access privileges as the user and are essentially able to control the hacked system.
According to a blog post from Microsoft, “The exploit requires user interaction as the attack is disguised as an email requesting potential targets to open a specially crafted Word attachment. If the attachment is opened or previewed, it attempts to exploit the vulnerability using a malformed graphics image embedded in the document. An attacker who successfully exploited the vulnerability could gain the same user rights as the logged on user.”
In plain English, the hacker is sending emails with a malicious Microsoft Word document attached. This document contains an image that is altered and by exploiting the bit of code that displays the image, the hacker can gain access to your system.
As stated above, this exploit will only work on systems with Windows Vista, Microsoft Office 2003-2010 and Windows Server 2008, and Lync. If you don’t use the specific versions of these programs, your systems are secure from this particular threat. These attacks have thus far been mostly limited to the Middle East and South East Asia, but it is only a matter of time before businesses in Europe, Australia and North America are targeted.
Is there anything I can do to protect my business?
Microsoft has released a security update for this issue, and users who have automatic updates enabled on Windows Vista should be secure from it. If you haven’t updated your easiest option is to:
- Click Start followed by Control Panel.
- Select Security.
- Click on Check for updates and follow the prompts.
While this will work to keep your individual systems secure, you may need to update your servers and other software. Contact your IT partner to see how they can help ensure an update is installed correctly.
It is also be a good idea to put some preventative measures in place.
- Implement a firewall – Firewalls are a security measure that allow users to set rules about what type of data is allowed to enter or exit a network. This helps ensure that networks are secure and not transmitting potentially harmful data.
- Email scanning – Many security solutions also offer email scanning. These services scan emails for spammy content and attachments that could pose a security threat, like broken images, such as we’ve seen in the recent Microsoft exploit.
- Keep all systems and programs up-to-date – The best way to prevent security breaches or problems is to keep your systems and all of your programs, even the ones you don’t use, up-to-date. Hackers usually go after easy targets, and some of the easiest targets are systems that aren’t updated.
- Watch your attachments – Because this exploit has to be physically introduced into your systems by a user downloading and opening the document, and it is usually attached in an email, be sure to look at email attachments and avoid opening them if they look suspicious.
- Update to newer software versions – Windows 7 and 8, Office 365, and Server 2012 are newer systems, and for the most part remain more secure than their older counterparts. Not to mention the fact that many software developers, security developers included, mainly focus on the newer versions of Windows.
If you are looking to learn more about this security problem, how to secure your business or to upgrade to a newer version of Windows, please contact us today to see how we can help.