Can Microsoft s 17 year old vulnerability be prevented?

This vulnerability affects all currently popular versions of Office, including Office 2007, which is currently discontinued, and once a user opens a malicious document, it will be implanted with a backdoor Trojan without any other operation, and the criminals will take full control of the computer.

Due to the simple principle and stable exploitation of this vulnerability, it is very likely that it will be exploited on a large scale in the future, and the Tencent Security Joint Laboratory Anti-Virus Lab will continue to follow up on the exploitation of the vulnerability and provide timely feedback to the public on the domestic impact. At the same time, users are reminded to improve their security awareness, use Tencent PC Manager to update system patches in a timely manner, and do not click on unknown email attachment documents to protect computer security.

The vulnerability (CVE-2017-11882) was made public, meaning that anyone could exploit this vulnerability to launch an attack, such as tricking people into clicking through phishing emails or network-shared office documents. If you accidentally open a malicious document, your computer can be remotely controlled by hackers. Tencent's Hubble analysis system has since captured a number of exploit samples, but most of the samples during this time period were used for testing, and there is not enough evidence that they were used to launch malicious attacks.

Based on the security researchers of Embedi, Tencent PC Manager security experts further studied and analyzed the vulnerability and found that the exploit method is simple and stable, and there are other vulnerabilities in the module, which are very likely to be exploited by criminals. Subsequently, the analysis results will be reported to Microsoft officials as soon as possible, and a security reminder will be issued to remind users to pay attention to the update patch.

Has the computer been poisoned? It is better for the landlord to use some security software for antivirus as soon as possible. You can use Tencent PC Manager to try it out, he can effectively scan the software on the computer to check for viruses, and at the same time, it can also intelligently identify phishing** and eliminate malice**.

When the landlord pays on the computer in the future, he must remember not to click on the unknown link casually to prevent the computer from being poisoned again, which will cause losses.

The latency of a vulnerability is also an important factor in assessing the impact of a vulnerability. The large time span means that there are more devices using these vulnerabilities during this period, and the probability of exploitation will be higher.

Ma Jinsong, a security expert at Tencent PC Manager and head of the Anti-Virus Laboratory of Tencent Security Joint Laboratory, suggested that users should not click on unknown email attachments at will, and use Tencent PC Manager to fix vulnerabilities, or use Tencent PC Manager Office to protect against such vulnerability attacks.

Ma Jinsong, a security expert at Tencent PC Manager and head of the Anti-Virus Laboratory of Tencent Security Joint Laboratory, suggested that users should not click on unknown email attachments at will, and use Tencent PC Manager to fix vulnerabilities, or use Tencent PC Manager Office to protect against such vulnerability attacks.

The so-called system vulnerability is that the core service software of the system has a defect that can be exploited by bad actors and has not been discovered, unless you don't use the computer, there is no way to prevent it.

For example, if you walk and you may fall, you won't stop walking because of that, right?

Financial companies have professional hardware firewalls and professional security experts, even if there are vulnerabilities, there is no need for ordinary people to worry.

You need to use some antivirus software for this.

I suggest that you should be vigilant when opening documents with Microsoft Office in the future, especially for document attachments in emails. At the same time, the "virus scanning" function of Tencent PC Manager should be kept in an effective state to ensure that similar new vulnerabilities are not maliciously exploited. In addition, turning on Protected View in Office can mitigate the attack.

Tools Raw materials.

Method steps.

Open the [Toolbox] button of PC Manager, and then click Fix Vulnerability, which will automatically patch Windows vulnerabilities to ensure the security of your computer.

end precautions.

The computer often prompts that there is a vulnerability in the system, and it is best not to go through software updates and patches. Our computers will generally install some security guards, such as 360, Kingsoft, etc., these so-called security guards will often prompt us to fix vulnerabilities, sometimes a dozen, sometimes even more, should we really fix these vulnerabilities? Why can't it be patched?

Reason: If your computer is a genuine Microsoft system, such as Home Normal, then you may see a lot of bugs on the first day of buying a computer and are busy fixing them. It is important to note here that the vulnerability is being fixed.

360 Security Guard prompts the vulnerability is to try not to update the vulnerability, it is best to ignore it, otherwise your computer will become more and more stuck! The reason is very simple, these security guards will prompt vulnerabilities when they find conflicts with their own software when they are running, and then carry out the so-called system to refer to early updates. Doing so will only change the good operating environment and compatibility of the computer itself.

Take Lenovo as an example, the system that Lianwei Zhaiqi wants has been installed for us when it leaves the factory, and the compatibility between the system and computer hardware is very good. If you use 360 and other software, there will be some conflicts with the software, this is the security guard will mention the draft to show you to update the vulnerability, what Trojan virus vulnerability, don't be gullible. Once we update the vulnerability, the original compatibility will change, causing the computer to be very stuck and running slower and slower.

What do you do: Turn off bug fixes.

Here take 360 as an example, open Security Guard and select System Repair.

Click the settings button below – to enter the settings interface.

Change the scanning prompt method to not scan for high-risk vulnerabilities when the computer is turned on. Click OK.

Recommendation: Do not update any vulnerabilities via software.

High-risk vulnerabilities can directly lead to hackers invading computers on the Internet, obtaining computer administrator permissions, implanting password viruses or peeping into privacy and other illegal behaviors, which are recommended to be fixed.

Other vulnerabilities and optional patches are generally not likely to cause security risks to the computer and can be left unfixed.

If you install a patch that does not need to be installed, it will not only waste system resources, but also may cause a system crash, PC Manager Vulnerability Repair will intelligently install the patches that your computer really needs according to your computer environment, save system resources, and ensure computer security.

The new vulnerabilities are also worm-like vulnerabilities, meaning that hackers can use them to spread malware from one machine to another without requiring any interaction from the user.

That is, if there is important information stored on the computer, but there is such a vulnerability that has not been fixed, then it is easy for hackers to steal important information.

It's as if a bug is a worm bug. Malicious software can be transmitted from one computer to another.

It feels like the leakage of user information and the insecurity of personal information.

The most disturbing thing is that there are a lot of online transactions, and I am afraid that my funds will be stolen.

It is easy for users to leak their own information, and it is difficult for their property to be safe.

This vulnerability is a worm-type vulnerability, and hackers can spread malware without passing through users, which is really scary.

What a terrible loophole, the vast majority of people don't know about it.

There are still a lot of vulnerabilities, it is easy to be infected by computer viruses, and a lot of data is stolen.

Red Alert! The latest vulnerability of win10 has been discovered, take a look at how your computer is.

You can install a PC Manager on your computer.

Then open the toolbox and find the fix vulnerability feature inside.

You can use this feature to fix all the high-risk vulnerabilities detected on your computer.