Microsoft urges Office users to block Flash Player attacks
Suggests configuring advanced blocking tool to protect Excel 2007 and older
Computerworld - Microsoft yesterday urged users of older Office suites to install and run a complicated tool to protect themselves against ongoing attacks exploiting an unpatched bug in Adobe's Flash Player.
"For users of Office prior to 2010, the Enhanced Mitigation Experience Toolkit (EMET) can help," said Andrew Roths and Chengyun Chu, a manager and security engineer, respectively, with the Microsoft Security Response Center (MSRC). "Turning on EMET for the core Office applications will enable a number of security protections called 'security mitigations'," the pair wrote in a Thursday post to the company's Security Research & Defense blog.
EMET is a tool designed for advanced users, primarily enterprise IT pros, that manually enables ASLR (address space layout randomization) and DEP (data execution prevention) for specific applications. ASLR and DEP are two anti-exploit technologies included with Windows.
On Tuesday, Adobe confirmed that attackers were exploiting an unpatched bug in Flash Player by sending potential victims malicious Microsoft Excel documents.
Excel is the spreadsheet bundled with the Office suite.
According to Roths and Chu, Excel 2010, the version included with Office 2010, is not susceptible to the attacks now in circulation because that edition of the spreadsheet has DEP enabled. "The current attacks do not bypass DEP," they said.
Excel 2010 further protects users by isolating malicious files inside Office 2010's "Protected View," a "sandbox" that prevents attack code from escaping the application.
But people running older versions of Excel -- including the versions in Office 2007 and 2003 -- are not protected by DEP or Protected View.
Microsoft has recommended EMET before as a stop-gap defense when Adobe zero-days have hit the street. In September 2010, Microsoft told users to configure EMET to block attacks exploiting a then-unfixed flaw in Adobe Reader.
EMET 2.0 is a free download available from Microsoft's site. After downloading and installing EMET, users must manually configure the tool to add protection to Office's applications, Excel included, and perhaps their browser(s) as well.
Adobe plans to patch the Flash Player vulnerability sometime next week.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Read more about Security in Computerworld's Security Topic Center.
- The Pivotal Big Data Suite- Reducing the Risks of Big Data The explosion of big data and the rapid evolution of big data tools and technologies is challenging IT to meet the demands of...
- A Survival Guide for Data in the Wild All corporate data used to reside in the data center. Safe and sound behind the corporate firewall. But now, employees have multiple devices...
- Transforming Security: Designing a State-of-the-Art Extended Team The information security mission is no longer about implementing and operating controls.
- The Big Data Security Analytics Era Is Here New security risks and old security challenges often overwhelm legacy security controls and analytical tools.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!