You can now find Cyber Kendra on Google News | Telegram

Microsoft Patched 17 years Old Bug affects All Version of MS Office Package

Almost for 17 years, a critical security bug was present in Microsoft Office package which was even didn't knew by Microsoft.

Embedi - a security based company specializing in cybersecurity solutions for embedded devices, published their recent research which exploits 17years old Vulnerability exits on Microsoft Office Package.

The vulnerability has been assigned with the CVE ID-2017-11882 and is extremely dangerous and critical.

Why Critical and Dangerous?
As you read above is right because this vulnerability affect every version of MS Office Package.
Here are some Key points-
  • Works with all the Microsoft Office versions released in the past 17 years (including Microsoft Office 365). 
  • Works with all the Microsoft Windows versions (including Microsoft Windows 10 Creators Update)
  • Is relevant for all the types of architectures
  • does not interrupt a user's work with Microsoft Office
  • If a document is opened, the vulnerability does not require any interaction with a user to be exploited.
Now you got how critical it is.  But don't get panic as Microsoft have already fixed this bug.

Video Demonstration
Here is an video Demonstration of the Vulnerability that researcher posted-

What Users Have to Do?
As the Vulnerability affects every single version of MS Office Package, then also Embedi have guided a prevention of this bug.
As  the component has numerous security issues and the vulnerabilities it contains can be easily exploited, the best option for a user to ensure security is to disable registering of the component in Windows registry. To do this a user should enter the following command in the command prompt:
reg add “HKLM\SOFTWARE\Microsoft\Office\Common\COM Compatibility\{0002CE02-0000-0000-C000-000000000046}” /v “Compatibility Flags” /t REG_DWORD /d 0x400
or in case of 32-bit Microsoft Office package in x64 OS:
reg add “HKLM\SOFTWARE\Wow6432Node\Microsoft\Office\Common\COM Compatibility\{0002CE02-0000-0000-C000-000000000046}” /v “Compatibility Flags” /t REG_DWORD /d 0x400
After that, it will be impossible to start the vulnerable component and exploitation of the vulnerability in MS Office documents will be prevented.

Here you can get full technical details of the research on blog and PDF.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.