Home » Business » How does the virus get into the PC? Just open the specially edited Excel document

How does the virus get into the PC? Just open the specially edited Excel document

Errors affecting Microsoft Exchange Server (CVE-2021-42321) and Microsoft Excel (CVE-2021-42292) were reported this week by the US software giant when it released fixes for both vulnerabilities.

Unfortunately, this does not mean that the attackers have their hands tied if they want to exploit these cracks. This is because it has been confirmed several times in the past that many users and administrators do not worry too much about the installation of new updates, even a few months after their publication.

“Mail servers are an attractive target for attackers not only for the information in the e-mail boxes, but they are also an attractive tool for further spread of malware or intrusion into the organization’s network. These vulnerabilities therefore pose a high risk, especially in their combination, when the user account is compromised by phishing, which contains a faulty Excel document, and the subsequent misuse of this account to compromise the entire server, “security experts from NÚKIB warned.

Vulnerability in Microsoft Excel affects both Windows and macOS platforms. However, the patch has so far been released only for the first mentioned operating system, for the Apple platform it should be available within a few days.

The attack begins by sending a specially modified Excel document as an attachment to the unsolicited e-mail. If the user opens it, the malicious code will be released directly into their computer due to the vulnerability.

The patch must be installed by an administrator

“An Exchange Server vulnerability allows code to run remotely on a server if an attacker gains access to it under any account. A proof-of-concept has already been released on the vulnerability, according to Microsoft, the vulnerability is currently being actively exploited and an increase in cases can be expected. After ProxyLogon and ProxyShell, this is the third serious vulnerability of the Exchange Server this year, enabling remote compromise, “NÚKIB employees warned.

They recommended that users do not delay installing updates. Otherwise, they are exposed to a high security risk. In the case of Exchange Server, however, remediation is on the side of the administrators of the affected servers.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.