The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017.
According to Microsoft, the following are the affected products (past support life cycle products are not present in this list):
The vulnerability lies in Microsoft Office/WordPad and can allow remote code execution while opening a specially crafted office file. After a successful exploitation, the attacker can take control of the vulnerable system and will be able to download and execute malware on it.
Quick Heal Detections
Quick Heal has released the following detection for vulnerability CVE-2017-0199.
As malware actors have already started using this particular Microsoft Office exploit, we are expecting more malicious campaigns to be devised around it. As mentioned earlier, this vulnerability has been patched and the security updates are available for it. We strongly recommend users to apply the latest security updates released by Microsoft and also apply the latest security updates by Quick Heal.