Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Microsoft unveils potentially serious Office security flaw — but you probably should be safe

Microsoft Office.

Microsoft has unveiled a potentially disruptive flaw found in multiple versions of its Office office software suite which could allow threat actors to access sensitive information. 

The flaw is described as an information disclosure weakness, and is tracked as CVE-2024-38200. It affects both 32-bit and 64-bit versions of the product, including Office 2016, Office 2019, Office LTSC 2021, and Microsoft 365 Apps for Enterprise. 

Microsoft argues that threat actors most likely won’t seek to exploit the flaw, since it requires heavy interaction from the victim’s side, and mainly affects older version of Office not in use for many users these days.

Feature Flighting

"In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability," Microsoft said in its advisory. 

"However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file."

While this sounds like a lot of work, we’ve seen threat actors successfully pull off even more complex attacks that require victims to take multiple steps.

In any case, Microsoft fixed the vulnerability via Feature Flighting on July 30, BleepingComputer reports. 

"No, we identified an alternative fix to this issue that we enabled via Feature Flighting on 7/30/2024," reads the updated CVE-2024-38200 advisory. "Customers are already protected on all in-support versions of Microsoft Office and Microsoft 365. Customers should still update to the August 13, 2024 updates for the final version of the fix."

Those that are unable to apply the patch can work around the issue by blocking outbound NTLM traffic to remote servers. More details about the mitigation measure can be found here

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.