Cybersecurity researchers at Cisco Talos recently discovered a vulnerability in Microsoft Office that could allow potential cybercriminals to remotely execute malicious code on a targeted endpoint.
Announcing the news in a short blog post published earlier this week, the office software developer said its researcher Marcin “Icewall” Noga discovered a vulnerability in Microsoft Excel regarding the double-free class attribute.
By running the armed Excel file, the victim would allow the attacker to execute arbitrary code on her device. The vulnerability is currently tracked as CVE-2022-41106, and otherwise details are scarce.
All we know is that Microsoft has been notified and has already provided a patch. Excel users are advised to update to version 2207 build 15427.20210 and version 2202 build 14931.20660.
Targeting office workers
Microsoft’s productivity suite continues to be one of the most popular attack vectors among cybercriminals. Until recently, emailed Office documents with malicious macros were the most popular way for office workers to download and run malware on their computers, opening the door to more destructive cyberattacks such as ransomware or identity theft.
Recently, Microsoft decided to prevent software from running macros in files downloaded from the Internet at all, as opposed to a trusted local network.
This has prompted cybercriminals to move away from macros and into Windows shortcut files (.lnk), which are now commonly used to sideload malicious .dll files and other types of malware.
Regardless of the security measures implemented by software companies and companies, one truth remains constant – employees are still the weakest link in the cybersecurity chain. Fraudsters will always find a way to trick them into downloading and running malware, unless they are educated and trained to stop cyberattacks.
Aside from that, making sure your staff isn’t overworked and distracted can also help improve any company’s cybersecurity posture.