Skip to main content

Security Alert: Microsoft Word Virus

Date:
2017-04-11 18:14:00
Status:
Closed
Brief Description:
Microsoft has identified a vulnerability in Word 2003-2013. Malicious documents can execute code to download malware. Disabling Macros is not sufficient but "protected mode" will subvert the attack. A Windows patch is now available via automatic updates.
Current Status:
Microsoft has released a patch for Office for Windows. Office for Mac has not yet been patched, however, work-arounds are available at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
Services Affected:
Not Applicable
Subsites Affected:
Security & Policy
Full Description:
Microsoft has identified a vulnerability in Word 2003-2013 versions. Malicious documents can execute code to automatically download malware and infect PCs. Disabling Macros is not sufficient but "protected mode" will subvert the attack.

Never download or open any Microsoft Word attachment from an unknown or suspicious source.

You can read more about the vulnerability at:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199

A Windows patch has been released by Microsoft and will be installed via automatic updates for affected versions. The Mac version of Office has not yet been patched, however, work-arounds are detailed in the link above.