Microsoft Word bug can be used to bypass security systems


Researchers at email and data security company Mimecast have uncovered a bug in Microsoft Word that can be used to bypass security systems.

The bug stems from incorrect handling of an integer overflow. It can be used to circumvent security systems by fooling parsers, allowing remote code to be delivered that can take complete control of a compromised machine.

The problem has been reported to Microsoft, which has acknowledged that it is unintended behavior. Microsoft has declined to release a security patch at this time, though, because the issue on its own does not result in memory corruption or code execution. The problem may be fixed at a later date.

More information on the issue can be found on the Mimecast blog.

The company has also today released the results of its latest Email Security Risk Assessment (ESRA). This finds an average of one malicious URL in every 61 emails. It also reveals that 24,908,891 spam emails, 26,713 malware attachments, 53,753 impersonation attacks, and 23,872 dangerous file types of the 232,010,981 total emails inspected were all missed by security solution providers and delivered to inboxes.

"Email and the web are natural complements when it comes to the infiltration of an organization. Email delivers believable content and easily clickable URLs, which then can lead unintended victims to malicious web sites. URLs within emails are literally the point of intersection between email and the web. Organizations need the visibility across both channels in order to have the protection required to stay on top of today’s ever-evolving and expanding threats and having a single vendor in an integrated solution can help," says Matthew Gardiner, cybersecurity strategist at Mimecast. "Cybercriminals are constantly looking for new ways to evade detection, often turning to easier methods like social engineering to gain intel on a person or pulling images from the internet to help 'legitimize' their impersonation attempts to gain credentials or information from unsuspecting users."

Impersonation fraud is on the up too, with 41 percent of respondents reporting seeing an increase in impersonation fraud from vendors or business partners asking for money, sensitive information or credentials -- with 38 percent saying they've seen an increase of impersonation fraud from well-known internet brands.

The full ESRA report is available from the Mimecast site.


© 1998-2019 BetaNews, Inc. All Rights Reserved.