Microsoft Office Flaw Could Hand Your Data to Hackers – Update ASAP!

Microsoft has discovered a flaw in Office software that could expose sensitive information. Though it requires significant user interaction, the vulnerability affects older versions like Office 2016 and Office 2019.

3P
Published: August 12, 2024 1:51 pmAdded: August 12, 2024 at 7:21 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Well, it looks like Microsoft Office just got a bit more ‘open’ than intended. Forget about Excel formulas for a second, now it’s time to master the art of avoiding sketchy links!

Key Points:

  • Microsoft Office versions from 2016 to Microsoft 365 Apps for Enterprise have a newly discovered vulnerability.
  • The flaw, CVE-2024-38200, is an information disclosure weakness that could potentially expose sensitive data.
  • Exploitation of the flaw requires significant user interaction, like visiting a malicious website and opening a crafted file.
  • Microsoft mitigated the issue via Feature Flighting on July 30, and recommends updating to the August 13, 2024, patch for a final fix.
  • Users can also mitigate the risk by blocking outbound NTLM traffic to remote servers.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?