Extremely Dangerous Microsoft Office bug Finally Patched After 17 Years

Microsoft Office logo Shutterstock KK

As a part of its month-to-month ‘Patch Tuesday’ updates, Microsoft yesterday launched its November 2017 safety patches to resolve 53 vulnerabilities throughout lots of its merchandise, together with Home windows, Workplace, Web Explorer, Microsoft Edge, ASP.NET Core, .NET Core and the Chackra Core browser engine. There have been no zero-day vulnerabilities fastened this time spherical, however the one patch that’s seemingly obtained everyone speaking is a 17-year-old distant code execution bug (CVE-2017-11882) present in an Workplace executable known as Microsoft Equation Editor. The bug impacts all variations of Microsoft Workplace from the previous 17 years on all Home windows variations together with Home windows 10 Creators Replace.

The bug was found not too long ago by a staff of cyber safety consultants at Embedi and was detailed in a report that was launched yesterday. Whereas the researchers described it as “extraordinarily harmful”, Microsoft appeared to downplay it, solely describing the replace as ‘essential’. The Microsoft Equation Editor, which had the long-standing bug, was first launched in 2000 and, was put in by default with Workplace 2000 and Workplace 2003. The applying is used to insert and edit advanced equations as Object Linking and Embedding (OLE) objects in Microsoft Phrase paperwork. Though it has been changed by newer software program in later variations of Workplace, among the code needed to be left behind for backwards compatibility with older recordsdata that used the OLE-based (EQNEDT32.EXE) equations.

The researchers are advising that everyone with MS Workplace put in on their programs instantly set up the replace and likewise disable EQNEDT32.EXE within the Home windows registry to forestall any future issues. In line with them, “By inserting a number of OLEs that exploited the described vulnerability, it was doable to execute an arbitrary sequence of instructions (e.g. to obtain an arbitrary file from the Web and execute it) … As a result of the element has quite a few safety points and the vulnerabilities it comprises may be simply exploited, the best choice for a consumer to make sure safety is to disable registering of the element in Home windows registry”.