Microsoft Office fixes four security vulnerabilities: Here's why users need to update right away

In order to patch the security flaws, users will need to go through Windows Update. — 123rf

Microsoft Office users need to update their software right away, as the office suite has just received important critical security patches to fix four security flaws in Microsoft Word, Excel, PowerPoint, Office Web according to cybersecurity firm Check Point Research.

Security flaws in the Microsoft Office software were previously identified by the cybersecurity firm, which would allow an attacker to take control of a computer, read and access files — and even install ransomware on it, locking its files behind a password until a specified sum of money is paid, usually in cryptocurrency.

According to Check Point Research, the weaknesses were spotted in a tool found in the Microsoft Office software called MSGraph. This package is extremely old and was being used by the office suite since 1995.

"The vulnerabilities are the result of parsing mistakes made in legacy code found in Excel95 File Formats, giving researchers reason to believe that the security flaws have existed for several years," the company said in a blog post.

Microsoft Office vulnerabilities are not uncommon, considering the large codebase that has expanded to add new features and functionality over the years. The company regularly updates its software with performance improvements and security fixes, such as the recently issued update to fix the security flaws detected by the security firm.

Check Point Research says that it discovered the flaws by "fuzzing" MSGraph which is used to display charts and graphs inside the Microsoft Office suite. The term fuzzing refers to a technique to automatically find coding errors and security loopholes in software by randomly feeding invalid and unexpected data inputs into a program, to discover software bugs that can be exploited.

In order to patch the security flaws, users will need to go through Windows Update. Here are the steps to follow in order to stay protected from the newest Microsoft Office security flaws:

Step 1: Click the Start button and go to Settings, then click on Update and security, then click Windows Update

Step 2: Check for updates manually on the main screen, then go to Advanced options and select the Automatic (recommended) option under Choose how updates are installed.

Step 3: (Optional) Restart your desktop or laptop computer once the updates are installed.

"Even though we found only four vulnerabilities on the attack surface in our research, one can never tell how many more vulnerabilities like these are still laying around waiting to be found. I strongly urge Windows users to update their software immediately, as there are numerous attack vectors possible by an attacker who triggers the vulnerabilities that we found," said Yaniv Balmas, Head of Cyber Research at Check Point Software. – Hindustan Times/Tribune News Service

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights



Next In Tech News

Meet Imagen, Google’s new AI that turns text into images
Booking hotels online: Why you can never trust reviews 100%
Dyson shows off robotic arm that can find crisps at back of your sofa
Four years on, is the GDPR a pain or a forerunner in data protection?
Research: Google Chrome only blocking a quarter of phishing websites
Google Street View’s ‘time travel’ feature comes to smartphones
Meta eyes profits with new WhatsApp platform for businesses
Amazon investor proposal to review plastic use narrowly fails to clear
Transport Canada probing cause of Tesla fire in Vancouver
Binance registers with Italy's regulator amid plans to expand in Europe

Others Also Read