Microsoft Patched 17 years Old Bug affects All Version of MS Office Package

Share it:
Almost for 17 years, a critical security bug was present in Microsoft Office package which was even didn't knew by Microsoft.

Embedi - a security based company specializing in cybersecurity solutions for embedded devices, published their recent research which exploits 17years old Vulnerability exits on Microsoft Office Package.

The vulnerability has been assigned with the CVE ID-2017-11882 and is extremely dangerous and critical.

Why Critical and Dangerous?
As you read above is right because this vulnerability affect every version of MS Office Package.
Here are some Key points-
  • Works with all the Microsoft Office versions released in the past 17 years (including Microsoft Office 365). 
  • Works with all the Microsoft Windows versions (including Microsoft Windows 10 Creators Update)
  • Is relevant for all the types of architectures
  • does not interrupt a user's work with Microsoft Office
  • If a document is opened, the vulnerability does not require any interaction with a user to be exploited.
Now you got how critical it is.  But don't get panic as Microsoft have already fixed this bug.

Video Demonstration
Here is an video Demonstration of the Vulnerability that researcher posted-

What Users Have to Do?
As the Vulnerability affects every single version of MS Office Package, then also Embedi have guided a prevention of this bug.
As  the component has numerous security issues and the vulnerabilities it contains can be easily exploited, the best option for a user to ensure security is to disable registering of the component in Windows registry. To do this a user should enter the following command in the command prompt:
reg add “HKLM\SOFTWARE\Microsoft\Office\Common\COM Compatibility\{0002CE02-0000-0000-C000-000000000046}” /v “Compatibility Flags” /t REG_DWORD /d 0x400
or in case of 32-bit Microsoft Office package in x64 OS:
reg add “HKLM\SOFTWARE\Wow6432Node\Microsoft\Office\Common\COM Compatibility\{0002CE02-0000-0000-C000-000000000046}” /v “Compatibility Flags” /t REG_DWORD /d 0x400
After that, it will be impossible to start the vulnerable component and exploitation of the vulnerability in MS Office documents will be prevented.

Here you can get full technical details of the research on blog and PDF.
Share it:

Microsoft

Research

Security

ZeroDay Bug

Post A Comment:

0 comments:

Follow by Email