The Safe Mac

Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!


Microsoft Office vulnerability used to spread malware

Posted on March 28th, 2012 at 8:58 AM EDT

AlienVault Labs has announced discovery of malware “in the wild” that is taking advantage of a Microsoft Office vulnerability to install itself.  It would appear that MS Office for Mac 2004 and 2008 are both vulnerable if the relevant security patch has not been installed.  On vulnerable systems, malicious MS Office documents have been seen that install two different trojans, the Tibet.A trojan announced last week and a second never-before-seen trojan apparently called MacControl.

Some may make the claim that this malware is a non-issue, because the patch for the vulnerability it relies on was released by Microsoft on June 9, 2009 – nearly three years ago.  However, many people never install updates.  As Sophos pointed out in February, malware authors often target patched vulnerabilities, knowing that people will be running outdated systems for ridiculously long periods of time.  Since many Mac users upgrading to Lion were caught flat-footed by the discovery that MS Office 2004 – an 8-year-old product – will not run in Lion gives ample evidence to support the idea that there are many people using outdated versions of MS Office.

Users should be advised to install any available updates for MS Office as soon as possible, or start using an alternative to MS Office (such as OpenOffice, NeoOffice, LibreOffice or Apple’s Pages).

Post to Twitter

Tags: , , , , ,


One Comment

This post is more than 90 days old and has been locked. No further comments are allowed.

This page and all contents (unless otherwise noted) copyright 2011-2014 by Thomas Reed.
For questions or comments, please contact me.