It’s time to secure Microsoft Office

This week in the office my systems have blocked 150,000 malicious Office documents. All have Office macros attached, or OLE objects. The 90s never finished as attackers learn to automate attacks using Office and old technology. If anything is a sign that the security industry needs to shift up a gear, this is it.

Kevin Beaumont has posted a fantastic (and pragmatic!) guide to best practices for working with Office documents. His guide to simple configuration management will dramatically improve your security posture by making some changes to how much Office documents are trusted.

OLE is more popular than ever, and for all the wrong reasons.

Adobe Security Bulletin

It is very important that all users of Adobe Flash ensure they have the latest versions installed on all workstations — this one is pretty gnarly and will likely be getting a lot of attention in short order.

The relevant CVEs (Common Vulnerabilities and Exposures reference numbers used by researchers and vendors) are:

And from Adobe’s release, the list of vulnerable versions is quite broad:

Affected software versions

  • Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.336 and earlier versions for Linux
  • Adobe AIR 4.0.0.1390 and earlier versions for Android
  • Adobe AIR 3.9.0.1390 SDK and earlier versions
  • Adobe AIR 3.9.0.1390 SDK & Compiler and earlier versions

Essentially, if you didn’t download a new version of Adobe Flash today, you’re probably vulnerable.
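To check a fleet against the affected-version list above, the sketch below triages a software inventory. It is an added example, not Adobe's tooling: the CSV layout, hostnames and installed versions are constructed, and it assumes "and earlier versions" means any version at or below the listed one.

```python
import csv
import io

# Highest affected version per (product, platform), copied from the list above.
# "*" means the bulletin entry names no platform.
AFFECTED_MAX = {
    ("Flash Player", "Windows"): "12.0.0.44",
    ("Flash Player", "Macintosh"): "12.0.0.44",
    ("Flash Player", "Linux"): "11.2.202.336",
    ("AIR", "Android"): "4.0.0.1390",
    ("AIR SDK", "*"): "3.9.0.1390",
    ("AIR SDK & Compiler", "*"): "3.9.0.1390",
}

# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE_INVENTORY = """host,product,platform,version
ws-01,Flash Player,Windows,12.0.0.44
ws-02,Flash Player,Windows,12.0.0.100
mac-01,Flash Player,Macintosh,11.9.900.170
lnx-01,Flash Player,Linux,11.2.202.336
bld-01,AIR SDK,Linux,3.9.0.1390
tab-01,AIR,iOS,4.0.0.1390
ws-03,Flash Player,Windows,unknown
"""

def parse_version(text):
    """'11.2.202.336' -> (11, 2, 202, 336); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in text.strip().split("."))

def is_affected(product, platform, version):
    """True/False, or None when the list has no entry or the version is unparsable."""
    limit = AFFECTED_MAX.get((product, platform)) or AFFECTED_MAX.get((product, "*"))
    if limit is None:
        return None
    try:
        # Numeric tuples: as strings, "12.0.0.100" would wrongly sort below "12.0.0.44".
        return parse_version(version) <= parse_version(limit)
    except ValueError:
        return None  # needs a manual look rather than a silent "not affected"

def triage(inventory_csv):
    """Map each host in a CSV inventory to its verdict."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: is_affected(r["product"], r["platform"], r["version"]) for r in rows}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(host, {True: "AFFECTED", False: "ok", None: "REVIEW"}[verdict])
```

Hosts that come back as REVIEW (no matching list entry, or a version string that does not parse) should be checked by hand instead of being counted as patched.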

Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit for CVE-2014-0502 exists in the wild, and recommends users update their product installations to the latest versions.

via Adobe Security Bulletin.