Real World Technology Solutions would like to advise all customers to be extra cautious when reviewing email messages containing Microsoft Word attachments, especially on Windows-based computers.
There is a type of email message that is currently circulating across the internet, and which has only recently been discovered by security experts, containing attachments that are specifically formed to take an advantage of a vulnerability in many versions of Microsoft Word.
This attachment can execute code that can download yet more unwanted malware programs and viruses - even in a fully up-to-date Windows computer and with the latest definitions updated in antivirus software.
The attack had been first reported on Friday (7/4/2017) by McAfee. The messages have increased in number and we have observed emails on our email gateways and logs today (11/4/2017).
Microsoft have stated that an urgent update is about to be sent to computers through Windows update overnight (12/4/2017), that will fix or limit the impact that this exploit takes advantage of. Please have your computer ready to receive this update, where possible.
What Real World Technology Solutions is doing to limit the spread to customers
We are currently monitoring our message gateway and spam protection logs to temporarily block messages containing Word documents that are sent from a single source to a large number of different email addresses at once.
What we urge customers to do to limit the spread to others
We urge customers that if you are suspicious of a message arriving that contains a Word document without any text in the message, or that has an odd filename, to err on the side of caution and not open the document. If the message seems from a colleague or customer, send a new email asking them to confirm that they sent you a Word document to view.
Please bookmark or monitor this article page. Any updates will be added to this document.
For more information about this exploit, please visit the below Ars Technica UK news report.
(Full URL: https://arstechnica.co.uk/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/)
For more information about email safety, please visit the below link to a Medium article from Real World Group CEO Andrew Yager.
(Full URL: https://medium.com/real-world-technology-solutions/spam-phishing-and-email-d8a5b3f0e80d)