Check Point Research details four vulnerabilities in Microsoft Office – Update ASAP

Delaying updates until a more convenient time is something many of us do, especially given South Africa’s current woes with loadshedding.

While it’s fine to delay an update briefly, it’s recommended that you update software as soon as you can. Why? Well, as we’re about to showcase, vulnerabilities that can be exploited by ne’er-do-wells can be found at any time.

Check Point Research has detailed four vulnerabilities within the Microsoft Office Suite it has discovered. Thankfully, the discovery was responsibly disclosed to Microsoft and the vulnerabilities have been addressed.

So what was the vulnerability?

According to Check Point Research, an attacker could use a vulnerable function within MSGraph (a Microsoft Office component used to display graphs and charts) to execute code on targets using malicious Office documents.

The researchers believe the vulnerability exists because of parsing mistakes in legacy code found in Excel95 file formats. It’s unclear how long this vulnerability has existed.

“The vulnerabilities found affect almost the entire Microsoft Office ecosystem. It’s possible to execute such an attack on almost any Office software, including Word, Outlook and others. We learned that the vulnerabilities are due to parsing mistakes made in legacy code. One of the primary learnings from our research is that legacy code continues to be a weak link in the security chain, especially in complex software like Microsoft Office,” head of cyber research at Check Point Software, Yaniv Balmas said in a statement.

The attack works like this:

  • Victim downloads a malicious Excel file (XLS format). The doc can be served via a download link or an email, but, importantly, the attacker cannot force the victim to download it
  • The victim opens the malicious Excel file
  • The vulnerability is triggered

As mentioned, Microsoft has already patched the vulnerabilities. CVE-2021-31174, CVE-2021-31178, and CVE-2021-31179 were patched some time ago and CVE-2021-31939 was patched on Tuesday 8th June.

“Even though we found only four vulnerabilities on the attack surface in our research, one can never tell how many more vulnerabilities like these are still laying around waiting to be found. I strongly urge Windows users to update their software immediately, as there are numerous attack vectors possible by an attacker who triggers the vulnerabilities that we found,” adds Balmas.

We suggest taking Balmas’ advice and updating Windows as soon as possible.

[Image – CC 0 Pixabay]

Brendyn Lotz
Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.