Protect your systems from Microsoft Office vulnerabilities

Here’s how to stay safe in the face of rising attacks

By Mark Hoffman

A leader in the IT industry for nearly three decades, Hoffmann has helped small and large businesses take advantage of technology to better serve their customers and employees. Hoffmann is owner of CMIT Solutions of SE Wisconsin.

Last week, cybersecurity experts announced several different security flaws in the popular Microsoft Office productivity suite.

The first unpatched vulnerability affects Office and Windows products, according to an urgent warning from the software giant. Microsoft documented “a series of remote code execution attacks” that try and trick users into opening specially crafted Office files like Excel spreadsheets and PowerPoint presentations. If the documents are opened, malware can be installed immediately on affected computers, stealing data and compromising credentials.

Microsoft said the issue may be addressed by an out-of-cycle security update, although systems already using the security add-on Defender for Office are protected from attachments that attempt to exploit this vulnerability. But without Defender in place—or enhanced network security from a trusted IT provider protecting your systems—a vulnerability like this one can continue to be exploited until a patch is released.

A separate security bulletin from Microsoft outlined a phishing campaign that leverages a similar Office exploit but with infected Word documents. Early reports indicate that Russian spies and international cybercriminals may be using this scam to target defense contractors and government entities in Europe and North America.

A patch for this particular flaw was released last week, alongside fixes for nine other problems rated “critical,” Microsoft’s highest severity rating, and five bugs listed in the company’s “exploitation-detected” category.

Finally, international cybersecurity firm Kaspersky revealed a surge in the number of recent cases of hackers exploiting a years-old vulnerability that affects Microsoft Office 2007, 2010, 2013, and 2016. According to researchers, 11,394 users encountered these types of attacks in the second quarter of 2023, an increase of 483% compared with the first quarter of 2023, when only 1,954 cases were documented.

This scheme targets users who have opted out of transitioning Microsoft Office licenses to the suite’s newer subscription-based model, often leaving their older versions of the application unprotected by automatic security updates. Unlike the other scams, though, this vulnerability can be exploited to install malware and ransomware in the background of a computer, without the user taking any action.

What Can You Do to Protect Your Business and Your Systems?

  • Assess critical business applications and operating systems as soon as possible. Microsoft has become more aggressive about announcing “end of life” dates well in advance of the time that support will no longer be extended to certain apps. Still, the threat is serious: In 2017, just a few months after support for Windows XP ended, the massive ransomware attack WannaCry took advantage of an unpatched vulnerability to target hospitals, prominent corporations, and international supply chains, eventually exacting more than $5 billion in economic damages. If you have a trusted IT partner keeping watch around the clock on your company’s computers, laptops, networks, and servers, security patches and software updates released by Microsoft to address vulnerabilities will be automatically deployed.
  • Turn on multi-factor authentication (MFA). This is the most straightforward way to avoid ransomware—particularly the kind that uses infected documents to try and execute malicious password-stealing code or infiltrate desktops using stolen administrative privileges. MFA adds an extra step to the login process, requiring a user to enter their password along with a unique code (typically delivered by text or email) to confirm their identity. MFA can mitigate the impacts of a weak or reused password being stolen and provide an extra line of defense for email accounts, business applications, social media applications, and online identities.
  • Carefully consider upgrading your Microsoft Office plan. Microsoft often highlights security issues as a way to boost upgrade numbers and convince even more users to flock to its subscription-based Microsoft 365 offering. But not every computer needs such advanced applications—and with extra protections in place, older versions of Word, Excel, Outlook, and PowerPoint can be used safely. If you do want to move up to a newer version of the productivity suite, install it on one computer first so you can explore new features at your own pace—without disrupting day-to-day operations for everyone at your business.
  • Beware of phishing emails that promote upgrades or security concerns. Big cybersecurity news can be confusing, especially for small to medium-sized businesses that just want their computers to keep working. Hackers often capitalize on such current events, sending out fake emails or text messages that claim to come from Microsoft, other software providers, and even IT departments. These communications may include supposed links to free upgrades or requests to confirm login credentials, but typically they’ll redirect users to malicious sites or deploy malware or ransomware on your computer. Microsoft’s licensing verification process never occurs via email or text message—and, with the help of a trusted IT provider, you can rest assured that any upgrades will be deployed safely and securely.
  • Implement extra layers of network security. These start with regular, remote, and redundant data backup, which can be a lifesaver if information is ever stolen or ransomware is ever installed on computers. At CMIT Solutions, we also specialize in proactive maintenance and monitoring, advanced firewalls and antivirus protections, endpoint encryption, security incident monitoring, and other enhanced layers of protection that can stop problems before they spread. Many times, these extra tools provide the security necessary to mitigate vulnerabilities and prevent hackers from accessing your machines.

Over the last 25 years, CMIT Solutions has helped thousands of clients across North America navigate the ever-changing landscape of Microsoft products. We roll out security patches and software updates automatically while taking a careful, budget-conscious approach to upgrades. We offer comprehensive IT support that solves today’s problems and ensures smooth day-to-day operations—all while setting your business up for sustained success in the future.

If you need help understanding Office vulnerabilities or checking to see whether cybersecurity protections are in place on your computers, contact us today.