Microsoft Office has been named as the attack vector of choice for hackers around the world. The most common form of the attack is a malicious Word document or other office document attached to an innocent looking email.
There are, of course, plenty of other ways to take advantage of various security weaknesses in MS Office and Office 365. These include the use of remotely hosted malicious components embedded within documents that deliver zero-day exploits when the document is opened.
The reason MS Office is such a wildly popular choice isn’t because it has an unusual number of security loopholes that can be exploited (although it’s certainly got its share). Rather, it has everything to do with the overwhelming popularity of the office suite. Simply put, lots of people use it on a regular basis, and that means the pool of potential victims is enormous.
As the report explains:
“There is likely to be an increase in attacks via malevolent email attachments using stealthily embedded, remotely hosted malicious components that leverage applications and operating system vulnerabilities, both old and new.
With CVE-2018-8174 and CVE-2018-5002, the attackers leveraged Word as a vector to exploit Adobe Flash Player and Internet Explorer. By using Word as the vector, the attackers were able to exploit a browser, even if it is not the default browser, and exploit Flash, even though Flash is blocked by most enterprises…Microsoft is therefore undoubtedly going to become the platform that attackers leverage most to deliver their zero-day exploits.”
All true, and beyond troubling. If your business uses Microsoft Office or Office 365 (and odds are excellent that it does), continued vigilance is the key.