Word, Excel, Powerpoint users, government has a warning for you, here’s what you can do
CERT-In has issued a new warning for a bunch of Microsoft products. The government body has found a new vulnerability in Microsoft Office and Windows HTML. According to the report, this vulnerability may allow remote attackers to execute arbitrary code on the targeted system and compromise with data and security of the device.
For those unfamiliar with CERT-IN, it is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
What the government has said
CERT-In has mentioned that a new vulnerability has been found in Microsoft Office and Windows HTML. If a hacker or attacker manages to exploit them, they can execute arbitrary code on the targeted system remotely.
Applications affected
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office 2019 for 64-bit editions
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Microsoft Office 2019 for 32-bit editions
Windows Server 2012 R2 (Server Core installation)
Why these vulnerabilities exist
As per the report, this vulnerability exists in Microsoft Office & Windows HTML due to insufficient validation of user-supplied input when handling cross-protocol file navigation. An attacker could exploit this vulnerability by persuading a victim to open a specially crafted file.
What users can do
CERT-In has advised that users who use Microsoft Defender for Office are protected from attachments that attempt to exploit this vulnerability.
In current attack chains, the use of the Block all Office applications from creating child processes’ Attack Surface Reduction Rule will prevent the vulnerability from being exploited.
Organisations who cannot take advantage of these protections can add the following application names to this registry key as values of type REG_DWORD with data 1.:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION
1. Excel.exe
2. Graph.exe
3. MSAccess.exe
4. MSPub.exe
5. PowerPoint.exe
6. Visio.exe
7. WinProj.exe
8. WinWord.exe
FacebookTwitterLinkedin
end of article
CERT-In has issued a new warning for a bunch of Microsoft products. The government body has found a new vulnerability in Microsoft Office and Windows HTML. According to the report, this vulnerability may allow remote attackers to execute arbitrary code on the targeted system and compromise with data and security of the device.
For those unfamiliar with CERT-IN, it is a nodal agency under the Ministry of Electronics and Information Technology. It deals with cybersecurity threats like phishing and hacking.
What the government has said
CERT-In has mentioned that a new vulnerability has been found in Microsoft Office and Windows HTML. If a hacker or attacker manages to exploit them, they can execute arbitrary code on the targeted system remotely.
Applications affected
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office 2019 for 64-bit editions
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Microsoft Office 2019 for 32-bit editions
Windows Server 2012 R2 (Server Core installation)
Why these vulnerabilities exist
As per the report, this vulnerability exists in Microsoft Office & Windows HTML due to insufficient validation of user-supplied input when handling cross-protocol file navigation. An attacker could exploit this vulnerability by persuading a victim to open a specially crafted file.
What users can do
CERT-In has advised that users who use Microsoft Defender for Office are protected from attachments that attempt to exploit this vulnerability.
In current attack chains, the use of the Block all Office applications from creating child processes’ Attack Surface Reduction Rule will prevent the vulnerability from being exploited.
Organisations who cannot take advantage of these protections can add the following application names to this registry key as values of type REG_DWORD with data 1.:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION
1. Excel.exe
2. Graph.exe
3. MSAccess.exe
4. MSPub.exe
5. PowerPoint.exe
6. Visio.exe
7. WinProj.exe
8. WinWord.exe
FacebookTwitterLinkedin
end of article
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.