Yawn
Another day hour, another Microsoft problem.
Wake me up when they manage to bring out something that's actually safe, because THAT would be news.
A booby-trapped .RTF file is doing the rounds that combines two publicly available Microsoft Office exploits. Opening the document in a vulnerable installation of Office is supposed to lead to arbitrary execution of any malicious code within the file. Cisco's security outfit Talos believes "the attackers used the combination …
I'm on LibreOffice for home use.
We actually managed to use it in the office :). We've got a few people on 5.4, the rest on the latest 5.3. The only major irritation is that LO's update process seriously sucks if you don't speak American because an update involved updating the main package, then applying a language pack, then setting the application to the language pack's language instead of the language pack doing that by itself.
Leaving that aside it's OK because it gets rid of the need to run one specific OS. Techs run it on Linux, office staff run it on macOS.
It all boils down to using some common sense when opening stuff from any source.
FTFY.
Or are you the kind of guy who opens attachments from your pal Fred with the subject line "You'll never guess what happens next!"? Faking the sender address is fairly common. Digging into the address book on a compromised machine is perhaps less common than it used to be, but still happens.
As far as I'm concerned, "only open stuff if you know who sent it" is bad advice. Well-intentioned, but incomplete enough to be dangerous.
Digging into the address book on a compromised machine is perhaps less common than it used to be, but still happens.
I've given you an upvote for that, because I've seen that happen with targeted attacks. Someone trying to mount an APT starts with mining stolen databases for any email addresses of the target company and then calmly loads up an email attack. It only takes one person to make a mistake, and sadly, most email admins are not versed enough in security to reject emails purporting to come from a company address if they originate from outside.
Secondly, the above is just one risk vector. There's also the trusted insider...
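The inbound check mentioned in the comment above (reject mail that claims a company address but arrives from outside), sketched as an added example that is not part of the original thread. The domain, the internal networks, the sample messages and the function names are all assumptions constructed for illustration, and the connecting IP is assumed to be supplied by the mail server.

```python
import ipaddress
from email import message_from_string
from email.utils import getaddresses

# Assumed values for this example: the company's mail domain and the
# networks its own mail servers send from.
COMPANY_DOMAINS = {"example.com"}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.0.2.0/24")]


def from_domains(raw_message):
    """Return the lower-cased domains of every address in the From header(s)."""
    msg = message_from_string(raw_message)
    headers = msg.get_all("From", [])
    return {addr.rsplit("@", 1)[1].lower().rstrip(".")
            for _name, addr in getaddresses(headers) if "@" in addr}


def is_internal(client_ip):
    """True when the connecting host is one of the company's own relays."""
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in INTERNAL_NETS)


def verdict(raw_message, client_ip):
    """Return 'reject' when a company From address arrives from an outside host."""
    domains = from_domains(raw_message)
    if not domains:
        return "reject"  # policy choice in this example: no usable From address
    claims_company = any(d in COMPANY_DOMAINS for d in domains)
    if claims_company and not is_internal(client_ip):
        return "reject"
    return "accept"


# Constructed sample messages (not taken from the page).
SPOOFED = 'From: "Fred (IT)" <fred@Example.com>\nSubject: Invoice\n\nSee attachment.\n'
EXTERNAL = "From: Supplier <billing@supplier.example>\nSubject: Invoice\n\nHi.\n"

if __name__ == "__main__":
    print(verdict(SPOOFED, "203.0.113.7"))   # outside host, company From
    print(verdict(SPOOFED, "10.1.2.3"))      # internal relay, company From
    print(verdict(EXTERNAL, "203.0.113.7"))  # outside host, outside From
```

This looks only at the header From address, and it would also reject legitimate outside services that send on the company's behalf unless their networks are added to the allowed list.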