StorageCraft Technology Corporation
X

Windows Dridex Bug Patched, Allowed Malware in Word Files

Researchers from security software firm McAfee recently discovered a vulnerability in Microsoft Office that may have infected millions of users. Attackers exploited a software bug that allowed them to embed Dridex malware into Word documents. The infected documents were then spammed across the web as attachments to emails. A number of organizations were reportedly targeted in the attack, including banks and other businesses in Australia. Microsoft released a patch on Tuesday that fixed the Windows Dridex bug.

Windows Dridex Bug Used to Steal Millions from Banks

The Dridex malware has been wreaking havoc on the online banking industry since 2015. Typically distributed through spam and malicious email attachments, this malware, when executed, downloads and installs a Trojan from a hijacked remote computer.

Dridex can monitor the victim’s online banking activity. It uses a keylogger to steal their login credentials and financial data as they type it into the system. In 2015, hackers stole £20 million and $10 million from UK and US victims respectively, using the Windows Dridex bug.

This particular attack is noteworthy for a couple of reasons. Unlike previous versions of Dridex, this variant didn’t required macros enabling in order to trigger the infection. Instead it relied on a zero-day vulnerability by exploiting a weakness previously unaddressed and therefore unpatched by Microsoft. Dridex malware was able to compromise all versions of Microsoft Word, including the latest version bundled into Windows 10.

The weak link was an Office feature called Object Linking and Embedding (OLE). A Microsoft proprietary technology, OLE lets you move data from one document or application into another. While it comes in handy when working with presentations and spreadsheets, the feature is a dream come true for crafty hackers. An OLE vulnerability could enable a remote attack that bypasses security features and tricks users into opening a document that contains the infected object.

Data Protection Starts with a Backup

In theory, the latest Windows patch would provide automatic protection for all users affected by the attack. Windows 10 is one of the most secure operating systems on the market. However, the alarming effectiveness of Dridex once again proves that no system is ever completely secure.

The latest Windows Dridex bug isn’t the first and won’t be the last vulnerability to put countless users at risk. With that said, there’s a few ways you can defend against this and similar attacks:

A data protection strategy is the key to keep yourself safe – prevent security breaches and make sure you can always recover as soon as possible, to keep your business intact and running.

Categories: Uncategorized
Tags: malwareWindows Dridex bugWindows vulnerability
Contel Bradford: Contel Bradford is a professional of many trades-- aspiring screenwriter, affiliate marketer in training, published author. He excels at writing articles about internet technology, specializing in topics that range from email marketing and web hosting to social media and SEO. Learn more about this multi-talented man of mystery at contelbradford.com.