Microsoft Office

Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

It’s been almost 25 years since macro malware first reared its head, and it would be nice to think that the defences Microsoft has built into its Office suite in the years since would do a half-decent job of stemming the threat.

Unfortunately, it seems that’s not the case – at least not for users of the Mac version of Microsoft Office.

Read more in my article on the Hot for Security blog.

Microsoft issues advisory to users after macro-less malware attacks

Hackers have been found exploiting a freshly-uncovered vulnerability in Microsoft’s software to install malware on business computers.

Read more in my article on the Tripwire State of Security blog.

Microsoft patches Word zero-day vulnerability being actively exploited in attacks

Microsoft has issued patches for 44 vulnerabilities, 13 of which are rated “critical”.

Microsoft Office zero-day being exploited to spread malware, but no patch available… yet

Malicious hackers are exploiting an as-yet-unpatched security vulnerability in Microsoft Office products in attacks designed to secretly infect targeted computers with malware.

Read more in my article on the Hot for Security blog.

How to fight macro malware in Office 2016 and 2013

If you can control the macros you can control the threat.

Read more in my article on the Tripwire State of Security blog.

How to disable macros in Microsoft Office

Macros can be malicious, as David Bisson reports.

Make sure you have disabled them by default in Microsoft Office.

Where’s the macro? Malware authors are now using OLE embedding to deliver malicious files

Microsoft is warning of a rise in attacks using boobytrapped Word documents, with malicious content embedded within using OLE.

Banking malware spreading via Microsoft Word macros

Twenty years on, you might have imagined that macro malware would have been assigned to the dustbin of history. But sadly, it’s seeing something of a resurgence.

Zero-day targeted attacks via boobytrapped Word documents. Microsoft releases temporary fix

A previously unknown TIFF remote code execution vulnerability is being exploited by hackers in targeted attacks.

Microsoft has released a temporary workaround to protect users.

Microsoft goofs up Patch Tuesday, forced to re-release security patches

Microsoft can’t afford to keep messing up like this.

The risk is that millions of users around the world will begin to question Microsoft’s ability to properly patch security vulnerabilities, and lose trust in the firm.

Brace yourself. Critical security patches from Microsoft are just around the corner

On Tuesday, Microsoft will be releasing its latest bundle of essential security patches – protecting against exploitable vulnerabilities in various versions of Windows, Microsoft Outlook, Microsoft Office, Internet Explorer, Sharepoint and Frontpage.

Heads-up! If you use Internet Explorer, or MS Office on Windows *or* Mac, get your patches now!

Microsoft has released its regular monthly bundle of security fixes, known as “Patch Tuesday”. This time it doesn’t just mean security patches for vulnerabilities in software running on the Windows platform – Mac users could be at risk too.

Microsoft issues Windows security patches, but Office for Mac users left in the cold

Security patches for Windows and PowerPoint, but if you’re a user of older versions of Microsoft Office for Mac you’re left unprotected.

Mac users, Microsoft security updates are for you too

Users of the new Microsoft Office for Mac 2011 should install an important security update, or risk being exposed to an attack by malicious hackers.