There's been a wave of malware attacks using a known security flaw in Microsoft Word. Thankfully, there's a fix available. So why are so many users getting infected?
First let's look at the attack. According to Naked Security, these Word-based attacks come via email. They've got a .doc Word file attached, and filenames like "Anti-Money Laundering & Suspicious cases.doc." They're actually .rtf, or Rich Text Format, files, with a hidden bug.
That bug contains the malware that will install if you open one of these email attachments. For this particular attack, there were two types of malware you could infect your computer with. "Toshliph" allows hackers to keep putting different malware on your computer, and "UWarrior" lets an attacker control your computer.
So, let's review the steps you need to take to keep from being victimized by this Microsoft Word vulnerability. First, keep your patches up to date. Microsoft released a patch for this way back in April. Click here to find out how to automatically patch your PC with every update.
Second, make sure your anti-virus program is current. If you don't have an anti-virus program, get one NOW! Whether you're on a PC or a Mac, you can find the best security software at the Komando.com Security Center.
And finally, NEVER open email attachments that are unsolicited or unexpected. These phishing attacks are the most common way for hackers to exploit you. If you're not familiar with phishing attacks, learn about them by clicking here.