Computer Active (UK)

Microsoft fixes bank-hacking Word flaw


Microsoft has fixed a vulnerability in all versions of Word that was being used to steal bank login details. The fix for the flaw, which is tracked as ‘CVE-2017-0199’, was part of the company’s ‘Patch Tuesday’ security release for April, which comprised a total of 44 fixes.

The flaw was highlighted on 7 April by researchers at antivirus company McAfee, which said it immediately contacted the Microsoft Security Response Center.

A day later researchers at security specialist FireEye said that they had detected the flaw several weeks earlier, and had been working with Microsoft to fix it.

At that point there had been no reports of the flaw being exploited by hackers. But two days later cybersecurity firm Proofpoint said it had spotted an email campaign that used the flaw to infect PCs with the Dridex malware.

Dridex is designed to steal login details for bank accounts. It’s thought that in 2015 hackers used it to steal more than £20m from UK-based bank accounts.

Proofpoint said scammers were emailing malicious Word documents to “millions” of people (see screenshot), mainly in Australia. Opening the document infects the PC, giving hackers access to it.

The company said because of the “widespread effectiveness and rapid weaponisation” of the flaw, all Windows users should make sure they have automatic updates turned on, so that Microsoft’s fix is applied immediately.

To do this in Windows 7 click your Start button, type windows update, click Windows Update under Programs, then click ‘Change settings’ on the left. Under ‘Important updates’ select ‘Install updates automatically (recommended)’.

In Windows 10 automatic updates are turned on by default. To check this on your PC, click the Start button, Settings, then ‘Update & security’. Click Windows Update on the left, then under ‘Update Status’ check whether your computer is up to date. If it’s not, click ‘Check for Updates’.
