One of the biggest security flaws in modern software is known as the zero-daw flaw. These are often found by hackers, enthusiasts, and developers, and can pose tremendous risks to software. On Friday, news came out about Microsoft finding one in their Office product, but issuing a quick fix for it.
A zero-day flaw can be anything from a small thing to a very serious security risk, and most major sofware companies, like Microsoft, find them troubling. By Microsoft getting ahead of this like it did, it shows that security is a top concern at Microsoft and especially in Office.
The Zero-Day Flaw
Microsoft found that this latest security zero-day flaw occured when users were coaxed into opening a malicious Office file containing an OLE. Successful OLE’s are used when users want to edit PowerPoint files in a Word document, and similar fashions. But, this OLE example wasn’t that at all.
This if triggered would let the successful attacker gain rights to the users computer, and then use that computer to inject malicious code to other computers in the network. Microsoft noted that if users didn’t have an administrator account on these systems it was safer, but still posed a great risk for a temporary fix.
Microsoft on Friday issued a fix known as the “OLE packager shim workaround”, and is more of a temporary fix than a permanent one. It will fix 32 and 64 bit versions of PowerPoint, ranging from 2007 to 2013. These attacks will be focused on PowerPoint, and Microsoft had to issue a quick fix to get these programs secure.
Hackers and malicious individuals would use email or send them links to content, with these links embedded, get them to open it, and then get their system infected. It’s a major deal, and one that Microsoft fixed quickly and without hestiation. This zero-day fix is one that came along with a series of other Patch Tuesday fixes for the company to its users. It proved to be a busy week for security at Microsoft, and its a good thing at that.
Security at Microsoft is a major deal. This quick fix shows that no matter the cause, fixes and security are dealt with quickly and efficiently.