Cyber miscreants have been exploiting a zero-day vulnerability in Microsoft Word for months, aiming to compromise machines with malware.
Security experts at McAfee first reported the attack on Friday after discovering suspicious Word files. After further analysis, the researchers found that “all Microsoft Office versions, including the latest Office 2016 running on Windows 10,” were being targeted thanks to a zero-day vulnerability found in each of the software.
“The root cause of the zero-day vulnerability is related to the Windows Object Linking and Embedding (OLE), an important feature of Office,” wrote Haifei Li, a security researcher at McAfee, in a full report on the attack campaign.
The suspicious Word files first noticed by McAfee are making the rounds as email attachments. When opened by victims, the documents reach out to a remote server controlled by attackers that then allow them to gain full code execution on the victim’s computer.