Barney's Blog

Blog archive

Time To Patch

Patches, it turns out, are only effective if they are installed. That is the case with Office, which got a fix for a Rich Text Format hole in November. Hackers know that many machines don't get patched, and the patch itself is a blueprint for how to attack these unpatched machines. Some hacker dweeb has done just that, posting code that exploits this hole.

Suites from Office XP all the way up to Office 2010 are vulnerable, and the posted code lets hackers gain full privileges, mess with your data, and install malware.

Posted by Doug Barney on 01/10/2011 at 1:18 PM


Featured

  • Microsoft Issues Windows Server HTTP/2 Attack Advisory

    Microsoft issued Security Advisory ADV190005 on Wednesday concerning a potential HTTP/2 settings issue for users of Internet Information Services (IIS) on Windows Server.

  • Performing a Storage Refresh on Windows Server 2016, Part 2

    Earlier, Brien walked through the steps of preparing a physical Windows Server 2016 machine for a storage refresh. Now, he shows how to complete the process, all the way to OS restoration.

  • New Office App Coming to Windows 10 Users

    Microsoft is delivering a new Office app for Windows 10 consumer and business users over the new few weeks, according to a Wednesday announcement.

  • Microsoft Warns .NET Core 1.0 and 1.1 Losing Support in June

    Microsoft gave notice this week that .NET Core 1.0 and 1.1 will fall out of support on June 27, 2019.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.