MICROSOFT HAS taken the trouble to warn Windows users about an attack that takes what trust people have left in the software and throws it out of the window.
The firm explained that the problem involves macros and the use of social engineering. People are tricked into downloading and then enabling malicious content that ultimately leads to trouble when they innocently use Word.
“Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigation investments in Windows,” said the firm in a Microsoft TechNet blog post suggesting that this is a cheap shot by hackers.
“Tricking a user into running a malicious file or malware can be cheaper for an attacker than building an exploit which works on Windows 10. We recently came across a threat that uses the same social engineering trick but delivers a different payload.”
Microsoft explained that the payload’s primary purpose is to change a user’s browser Proxy Server setting, which could result in the theft of authentication credentials or other sensitive information.
“We detect this JScript malware as Trojan:JS/Certor.A. What’s not unique is that the malware gets into the victim’s computer when the victim clicks the email attachment from a spam campaign,” the post said.
Microsoft added that people really ought not to click on links from people or outfits that they do not know or trust.
This is good, if perhaps hoary and often ignored, advice.
“To avoid attacks like we have just detailed, it is recommended that you only open and interact with messages from senders and websites that you recognise and trust,” explained the firm.
“For added defence-in-depth, you can reduce the risk from this threat by following [our] guidance to adjust the registry settings to help prevent OLE Embedded Objects executing altogether or running without your explicit permission.”
Just don’t click untrusted links, people. µ