ActiveX control in Word file downloads malware to unpatched PCs, says McAfee.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&a...
One of the very few attack vectors available to lowlifes intent on invading a Mac involves Word Macros. Of course these can also attack Windows so the savvy computer user be they Mac or Windows based, will have turned off the relevant settings in Word that enable these macros to run, and be very wary of receiving Word documents by email. Even docs on a cd/dvd can be infected.
So here we have another use available to the online lowlifes courtesy of Microsoft.
""Inside the document is an ActiveX control, and in that control is a line that makes it call out to the site that's hosting the malware," said David Marcus, director of security research and communications for McAfee Inc.'s Avert Labs. "This is a pretty insidious way to attack people, because it's invisible to the eye.""
Malicious ActiveX in Word docs isn't new, but this is a new way of using it.
So be careful people. Even if you have applied the recently issued IE patch, you should still say no to Word docs. At least until you know they are safe.
--
Professional freelance creative writers for hire in Dubai, UAE, and England.
Creative writing, formal, business, website copy, study, copywriting, editing, job applications