Cyber security news for all

More

    Microsoft fixes a problem in VBA issues for Office security updates

    Microsoft has released unscheduled fix updates for Microsoft Office 2010- 2016 that can be downloaded and installed manually if required. An update released in April 2020 for the security patchday on some systems, which caused problems with projects in the scripting language.

    Unwanted Blockages Through Correction Update

    The April security update that brought the VBA issues with it removes the Office vulnerability, which can be used remotely. By default, to protect against the vulnerability, the security update blocks pointers to unsafe locations when used in VBA programs. A sensible protection mechanism, which, was explained on the first reports of the VBA problems, can be handled with a workaround using group guidelines if required. However, it is now known that the update also prevents the reloading of components whose file names or path contain characters.

    This is an error loading type libraries, which attackers can use to execute malicious code. All they have to do is persuade their victim to load a manipulated Office file. Unfortunately, after installing the patches, the Office versions 2010 and 2016 also refused to load regular VBA macros (Visual Basic for Applications).

    This problem occurs whenever components are linked in the macros whose path contains double byte characters. Microsoft has now provided some additional updates for affected users, which you should import manually if necessary. If you have installed the security update for Office 2010 and 2016 and have problems with the known problem VBA macros, you will now receive KB3101353 for Office 2016, which corrects this problem.

    @petesmst kicked off this morning:

    I am using Microsoft 365 Home (Current Version: 2004 – Build 12730.20250 Click-to-Run) on a Windows 10 (64-bit) Version 1909 (OS Build 18363.836) Desktop PC. When attempting to “Update Now”, the download of updates starts and then stops after around 3-4 minutes. Nothing further happens, even if left running overnight.

    The Improvements And Corrections With The Update Are

    • The update resolves the issue that occurs after you install the security update.
    • Visual Basic for Applications macros are not loaded if they contain references to components that are in a file path. Or you have a file name that contain double byte character set.

    Recent Articles

    Personnel were asked to removed 89 apps which includes Instagram, Facebook, and others by the Indian Army

    Personnel are told by the Indian Army to delete 89 apps from their phones from July 15. This is in a bid to avoid...

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox