Microsoft Office warning: Windows 10 users need to update apps to stop new PC attack

If you use any of the hugely-popular Microsoft Office apps – including Word, Powerpoint, Excel, Outlook, and more – make sure you install the latest patch from Microsoft to ensure you’re guarded against an exploit that could enable cybercriminals to remotely take over your PC.

Of the 16 security updates rolled-out for Microsoft Office today, three are designed to patch the remote execution bug.

It affects several Microsoft Office apps, including Powerpoint 2010, 2013 and 2016. According to security-focused blog Bleeping Computer, Word 2016, 2013, and 2010, and Excel 2016, 2013, and 2010 can also be exploited in the same way. So, if you have any of those versions installed on your machine, you’ll need to install the patch as soon as possible.

Microsoft rated the remote code execution vulnerabilities as ‘Important’ – as these vulnerabilities could allow attackers to execute their own code on your machine, which could led to criminals siphoning off important credit or debit card details, or installing malware, ransomware, or other nasties on your machine.

To begin an attack – and takeover your computer – hackers would have to trick you into opening a specific file from an email, or to click on a certain link on a nefarious website. So, while it’s incredibly important to make sure you’re always running the latest version of any software – best practice when clicking on unknown emails and sites.

“A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory,” the advise from Microsoft states.

“An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

“Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

To download the crucial update, you can head over to the Microsoft Download Centre to find the latest version of the app for your machine, or better yet, launch the Windows Update app on your Windows computer to get the update. To do that, head over to Start > Settings > Update and Security.

Choose Advanced Options. Then, under Choose How Updates Are Installed, choose the options that you want, including checking the Give Me Updates For Other Microsoft Products When I Update Windows checkbox, so you can get Office updates as well as Windows 10 operating system bumps.

And that’s it. From now on, Microsoft will install the latest Office updates and products onto your machine as soon as they’re available.

That means going forward you’ll be protected as soon as Microsoft issues an update for these issues, as it has now done with the Office vulnerability.

source: express.co.uk