Cyber security news for all

More

    Microsoft fixes a problem in VBA issues for Office security updates

    Microsoft has released unscheduled fix updates for Microsoft Office 2010- 2016 that can be downloaded and installed manually if required. An update released in April 2020 for the security patchday on some systems, which caused problems with projects in the scripting language.

    Unwanted Blockages Through Correction Update

    The April security update that brought the VBA issues with it removes the Office vulnerability, which can be used remotely. By default, to protect against the vulnerability, the security update blocks pointers to unsafe locations when used in VBA programs. A sensible protection mechanism, which, was explained on the first reports of the VBA problems, can be handled with a workaround using group guidelines if required. However, it is now known that the update also prevents the reloading of components whose file names or path contain characters.

    This is an error loading type libraries, which attackers can use to execute malicious code. All they have to do is persuade their victim to load a manipulated Office file. Unfortunately, after installing the patches, the Office versions 2010 and 2016 also refused to load regular VBA macros (Visual Basic for Applications).

    This problem occurs whenever components are linked in the macros whose path contains double byte characters. Microsoft has now provided some additional updates for affected users, which you should import manually if necessary. If you have installed the security update for Office 2010 and 2016 and have problems with the known problem VBA macros, you will now receive KB3101353 for Office 2016, which corrects this problem.

    @petesmst kicked off this morning:

    I am using Microsoft 365 Home (Current Version: 2004 – Build 12730.20250 Click-to-Run) on a Windows 10 (64-bit) Version 1909 (OS Build 18363.836) Desktop PC. When attempting to “Update Now”, the download of updates starts and then stops after around 3-4 minutes. Nothing further happens, even if left running overnight.

    The Improvements And Corrections With The Update Are

    • The update resolves the issue that occurs after you install the security update.
    • Visual Basic for Applications macros are not loaded if they contain references to components that are in a file path. Or you have a file name that contain double byte character set.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox