A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched Windows 10 machine.
Even worse: targets do not have to anything except run a malicious file in order to get compromised, as the exploit doesn’t require them to enable macros or do anything else.
ORIGINAL SOURCE: Help Net Security
The post MS Office Zero-day Exploited in Attacks – No Enabling of Macros Required! appeared first on IT SECURITY GURU.