WINDOWS 10 users need to be aware of a critical bug that affects one popular piece of Microsoft software.
By Dion Dassanayake, April 16, 2018
Windows 10 users have been put on alert about a critical software vulnerability
Windows 10 fans have been put on alert about a critical bug which lets cybercriminals steal their username and password.
The vulnerability affects Microsoft’s Outlook software, and attackers can take advantage of it to steal Windows login credentials.
A hacker can get access to this sensitive information by convincing a victim to preview a rich text e-mail containing remotely hosted OLE objects.
Once that has been done, the vulnerability doesn’t require any additional interaction with the user.
OLE is a technology developed by Microsoft that allows embedding and linking to documents and other objects.
The vulnerability was first reported back in November 2016, but it has taken Microsoft more than a year to fix the issue.
To make sure you’re not at risk, ensure you download the latest Patch Tuesday release.
In an official post outlining the vulnerability, Microsoft said: “An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed.
“This vulnerability could potentially result in the disclosure of sensitive information to a malicious site.
“To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email.
“A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password.
“The security update addresses the vulnerability by correcting how Office processes OLE objects.”
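Because the leak works by making the victim's machine authenticate to an attacker-controlled SMB server, blocking outbound SMB and NetBIOS (TCP 139/445, UDP 137/138) at the network edge is the standard mitigation, and a log check for internal hosts that try to reach those ports on outside addresses is a simple way to detect a client that has previewed such a message. The following Python script is an added example, not code from the article or from Microsoft; the key=value log layout, the sample lines and the internal address ranges are all constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample firewall log lines in a simple key=value layout (not from the
# article). The 198.51.100.0/24, 203.0.113.0/24 and 192.0.2.0/24 addresses are
# documentation ranges standing in for hosts on the internet.
SAMPLE_LOG = """\
2018-04-16T09:12:01Z src=10.0.5.23 dst=10.0.5.10 proto=tcp dport=445 action=allow
2018-04-16T09:12:04Z src=10.0.5.23 dst=198.51.100.77 proto=tcp dport=445 action=allow
2018-04-16T09:12:05Z src=10.0.5.23 dst=198.51.100.77 proto=tcp dport=139 action=allow
2018-04-16T09:13:10Z src=10.0.5.41 dst=203.0.113.9 proto=tcp dport=443 action=allow
2018-04-16T09:14:22Z src=10.0.5.23 dst=192.0.2.15 proto=udp dport=137 action=allow
"""

# Ports used by SMB (139/445) and the NetBIOS services that accompany it (137/138).
SMB_RELATED_PORTS = {137, 138, 139, 445}

# Assumed internal address space of the organisation (an assumption for this
# example); a real deployment would list its own ranges here.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) proto=(?P<proto>\w+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)


def is_internal(ip: str, nets=INTERNAL_NETS) -> bool:
    """True when the address falls inside one of the organisation's own ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in nets)


def find_outbound_smb(log_text: str, nets=INTERNAL_NETS) -> list:
    """Return every log entry where an internal host reached an SMB/NetBIOS port
    on an address outside the internal ranges, which is what a leaked NTLM
    authentication to an outside server looks like on the wire."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the expected layout
        dport = int(m["dport"])
        if dport not in SMB_RELATED_PORTS:
            continue
        if is_internal(m["src"], nets) and not is_internal(m["dst"], nets):
            findings.append({
                "ts": m["ts"], "src": m["src"], "dst": m["dst"],
                "proto": m["proto"], "dport": dport, "action": m["action"],
            })
    return findings


def hosts_by_attempts(findings: list) -> dict:
    """Count flagged attempts per internal source host, so the client that
    previewed the message can be identified for follow-up."""
    return dict(Counter(f["src"] for f in findings))


if __name__ == "__main__":
    hits = find_outbound_smb(SAMPLE_LOG)
    for h in hits:
        print(f"{h['ts']} {h['src']} -> {h['dst']}:{h['dport']}/{h['proto']} ({h['action']})")
    print(hosts_by_attempts(hits))
```

Internal-to-internal SMB traffic (the first sample line) is left alone, since file sharing inside the network is normal; only attempts that leave the organisation's ranges are reported. If the firewall already denies these ports outbound, the same check run over denied entries shows which hosts tried, which is the signal worth investigating.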
The news comes after last month Windows 10 users were put on alert about another security issue.
The critical vulnerability let cybercriminals exploit Microsoft’s Windows Remote Assistance feature to steal any file from a victim’s computer.
These files, which may include sensitive data, could have been stolen without the victim’s knowledge.
The exploit affected all versions of Windows to date, including Windows 10, Windows 8.1, Windows 7 and Windows XP.
The vulnerability was discovered by Nabeel Ahmed of the Trend Micro Zero Day Initiative.
Ahmed explained in a blog post how, for the vulnerability to be exploited, the victim needed to use Windows Remote Assistance to ask for help from another user.
The person who requested assistance then needed to send a file, via e-mail or other means, named “Invitation.msrcincident” to a third party.
It’s this file that cybercriminals could then exploit to ensure they had access to victims’ sensitive data.
Ahmed said hackers could trick victims into handing over this file via a mass phishing scam.
In a post online, the Trend Micro expert said: “This XXE vulnerability can be genuinely used in mass scale phishing attacks targeting individuals believing they are truly helping another individual with an IT problem.
“Totally unaware that the .msrcincident invitation file could potentially result in loss of sensitive information.
“An attacker could target specific log/config files containing username/passwords.
“GDSSecurity also made a tool to automate XXE exfiltration of multiple files by brute-forcing certain directory locations.”
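The invitation file described above is XML, and XXE works by getting the parser to resolve an external entity that points at a local file. Any service or helper that accepts such files from untrusted senders should refuse DTD constructs before parsing. The following Python script is an added example, not code from the article, from Trend Micro or from Microsoft; the element names are made up and the real .msrcincident layout is not reproduced, and the file path in the hostile sample is a placeholder.

```python
import re
import xml.etree.ElementTree as ET

# Constructed invitation-style document for illustration (element names are
# invented for this example).
CLEAN_INVITATION = """<?xml version="1.0"?>
<Invitation>
  <Requester name="helpdesk-user" />
</Invitation>"""

# Same document with a DTD declaring an external entity that points at a local
# file; an XXE-capable parser would substitute the file's contents for &ext;.
# The path is a placeholder, not a real location.
XXE_INVITATION = """<?xml version="1.0"?>
<!DOCTYPE Invitation [
  <!ENTITY ext SYSTEM "file:///PLACEHOLDER/config.txt">
]>
<Invitation>
  <Requester name="&ext;" />
</Invitation>"""

DOCTYPE_RE = re.compile(r"<!DOCTYPE\b", re.IGNORECASE)
# Matches general and parameter entities with a SYSTEM or PUBLIC identifier,
# i.e. anything that tells a parser to fetch content from a file or URL.
EXTERNAL_ENTITY_RE = re.compile(
    r"<!ENTITY\s+(?:%\s*)?[^\s>]+\s+(?:SYSTEM|PUBLIC)\b", re.IGNORECASE)


def inspect_xml(text: str) -> list:
    """Return the reasons the document should be treated as hostile;
    an empty list means no DTD constructs were found."""
    reasons = []
    if DOCTYPE_RE.search(text):
        reasons.append("document declares a DTD")
    for m in EXTERNAL_ENTITY_RE.finditer(text):
        reasons.append("external entity declaration: " + m.group(0))
    return reasons


def parse_untrusted(text: str) -> ET.Element:
    """Parse only after the pre-check passes. Any DTD is rejected outright,
    since a legitimate invitation has no reason to carry one."""
    reasons = inspect_xml(text)
    if reasons:
        raise ValueError("refusing to parse: " + "; ".join(reasons))
    return ET.fromstring(text)


if __name__ == "__main__":
    print(parse_untrusted(CLEAN_INVITATION).find("Requester").get("name"))
    try:
        parse_untrusted(XXE_INVITATION)
    except ValueError as exc:
        print(exc)
```

Rejecting every DOCTYPE, rather than only the entity declarations that happen to match a pattern, is the safer policy: it also covers parameter entities and external DTD references that a narrower check could miss.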
Microsoft fixed the issue in a Patch Tuesday release launched during March.