Australians are being urged to avoid certain Microsoft Office documents that have been loaded with malware that could allow hackers to take over personal devices.
Any device that runs Microsoft Windows is currently vulnerable to this attack.
Microsoft said it was currently investigating this “remote code execution vulnerability” that potentially allows malicious actors to remotely control computers.
“An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.”
It appears the main danger is opening the actual document, which would leave the victim exposed to having their device remotely controlled.
“The attacker would then have to convince the user to open the malicious document.”
Users who have administrative user rights are more impacted by this attack than users whose accounts are configured to have fewer rights.
identified a limited number of targeted attacks. To protect customers, please see https://t.co/6dFo6QAMcF for mitigation guidance.
— Security Response (@msftsecresponse) September 7, 2021
How do I protect myself?
But there are temporary mitigating measures and workarounds that can help protect you in the meantime.
This includes making sure you open documents in Protected View or Application Guard for Office, both of which Microsoft said would prevent the attack.
Meanwhile, if you use Internet Explorer, you should “disabl[e] the installation of all ActiveX controls”.
Microsoft also said that its Defender Antivirus and Defender for Endpoint should protect against this vulnerability.
In the meantime, keep an eye out for any suspicious documents and for security updates from Microsoft.
“Customers should keep anti-malware products up to date. Customers who utilise automatic updates do not need to take additional action,” Microsoft stated.
After finishing the investigation, the tech giant will “take the appropriate action” to protect customers, its security update said.
“This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.”
The hackers were from an organisation called Hafnium, a state-sponsored group operating out of China, which exploited Microsoft’s email service, gaining access to computers.
Vulnerabilities exploited by hackers would allow an attacker to write files, execute code and have a high degree of access to the Microsoft Windows operating system.
More broadly, Australians are increasingly being urged to be more careful about suspicious texts, emails or phone calls that appear to come from well-known and trusted organisations such as Australia Post or the big banks, but are in fact from scammers hoping to steal personal and banking information.