Modern technology gives us many things.

Microsoft Office vulnerability you didn’t know about

0

Microsoft Office vulnerability you didn’t know about.

Microsoft has patched a 17-year-old remotely executable bug that hackers can use to execute arbitrary code on vulnerable machines.

Researchers at Embedi has discovered the bug in Microsoft Office Suite, which is not protected by Microsoft’s Windows 10 exploit mitigations.

Microsoft Office vulnerability For hackers

The vulnerability is a memory-corruption issue in Microsoft Equation Editor (EQNEDT32.EXE) that resides in all versions of Microsoft Office released in the past 17 years. EQAEDT32.EXE is a component to insert and edit equations into Microsoft Word documents as an OLE (Object Linking and Embedding) item. OLE object consists of Internal data and picture in form of formula.

Microsoft Office vulnerability, Microsoft Office hack, windows hacking
Microsoft Equation Editor (EQNEDT32.EXE)

Microsoft Office vulnerability, Microsoft Office hack, windows hacking

But because of improper memory operations, OLE fails to properly handle objects. Using which Hackers can easily execute malicious code.

Exploitation of this vulnerability requires opening a specially crafted malicious file with an affected version of Microsoft Office or Microsoft WordPad software.

This vulnerability can download and execute malicious files from the internet without knowledge of the user and can also take full control of the system. Hackers can also execute files from WebDAV server controlled by them.

Microsoft Office vulnerability, Microsoft Office hack, windows hacking

Also Read: Tracking and hack Whatsapp account – Check Online activity

How to protect your system?

Microsoft has released a patch for this vulnerability. So, users are recommended to get their system patched as soon as possible.

This component has many vulnerabilities. So, it’s better to disable registering of the component in Windows registry. Run the following command in the command prompt to disable registering of the component in Windows registry.

reg add "HKLM\SOFTWARE\Microsoft\Office\XX.X\Common\COM Compatibility\{0002CE02-0000- 0000-C000-000000000046}" /v "Compatibility Flags" /t REG_DWORD /d 0x400

For 32-bit Microsoft Office package in x64 OS, run the following command:

reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Office\XX.X\Common\COM Compatibility\{0002CE02-0000-0000-C000-000000000046}" /v "Compatibility Flags" /t REG_DWORD /d 0x400

Replace X with your Microsoft office version.

It is also recommended to open the files in protected mode. Users can enable the protected mode as follow:

  1. Click the File tab. The Microsoft Office Backstage view appears.
  2. In the Backstage view, under Help, click Options. The Options dialog box appears.
  3. Click Trust Center in the left pane, and then click Trust Center Settings.
  4. Click Protected View.
  5. Checkmark all the following options:
  • Enable Protected View for files originating from the Internet.
  • Enable Protected View for files located in potentially unsafe locations.
  • Enable Protected View for Outlook attachments.
Also Read: Beware: Trendy Sarahah can get you hacked.