New Cyberattack Targets Microsoft Messages Opened in Preview Mode
Hackers could gain remote access to your personal computer when you open — or merely preview — an email message with malicious content using Microsoft Outlook's default email settings.
The attacks exploit a newly uncovered Microsoft Word vulnerability that could allow someone to gain remote access to your computer because of how Outlook uses Word as the email client viewer and editor.
“The conventional wisdom has been that if you avoid opening suspicious links, and your email client does not automatically display and render images or run scripts, you can avoid these malware attacks,” says David Anderson, an information security senior consultant with CliftonLarsonAllen. “This case changes that.”
According to the Microsoft security warning, the attack works by delivering the malware within a rich text format (RTF) message. When the RTF message is previewed or opened, the malware gives the attacker the same rights as the current user.
“Outlook's default email settings allow you to preview email messages containing RTF content, which is what makes this threat unique,” says Anderson. “This feature should be disabled until Microsoft issues an update to address this vulnerability.”
Until Microsoft releases a patch, you can use these workarounds:
- Configure your Outlook email client to read emails in plain text. The downside is that newsletters and other formatted emails that you receive will be more difficult to read.
- Block all RTF content in Word documents using a free tool from Microsoft.
- Try to avoid RTF files altogether, or scan them with your security software first.
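
For the last item, a mail filter can pick out the messages that need scanning by checking each MIME part's leading bytes as well as its file name and declared type, since RTF content stays RTF under any other extension. The sketch below is an added example, not code from Microsoft or the original article; the sample message, file names and function names are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

RTF_MAGIC = b"{\\rtf"                      # every RTF document starts with {\rtf
RTF_TYPES = {"application/rtf", "text/rtf"}
TNEF_TYPES = {"application/ms-tnef", "application/vnd.ms-tnef"}  # Outlook rich-text wrapper


def rtf_findings(raw_message: bytes):
    """Return [(part name, [reasons])] for each MIME part that carries RTF."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()
        name = part.get_filename() or "(body)"
        payload = part.get_payload(decode=True) or b""
        reasons = []
        if ctype in RTF_TYPES:
            reasons.append("declared RTF type")
        if ctype in TNEF_TYPES:
            reasons.append("TNEF container")
        if name.lower().endswith(".rtf"):
            reasons.append(".rtf extension")
        # Content check catches RTF renamed to .doc or sent under another type.
        if payload.lstrip().startswith(RTF_MAGIC):
            reasons.append("RTF magic bytes")
        if reasons:
            findings.append((name, reasons))
    return findings


def build_sample() -> bytes:
    """Constructed, harmless message: RTF content under a .doc name, plus a PDF."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("see attached")
    m.add_attachment(b"{\\rtf1\\ansi constructed harmless text}",
                     maintype="application", subtype="msword", filename="invoice.doc")
    m.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                     subtype="pdf", filename="report.pdf")
    return m.as_bytes()


if __name__ == "__main__":
    for name, reasons in rtf_findings(build_sample()):
        print(f"hold for scanning: {name} ({', '.join(reasons)})")
```
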
How we can help
Cyberthreats are constantly changing, so it isn't possible to eliminate all risk. But you can significantly reduce your risk when you know how vulnerable your technology systems are to a security breach. A well-designed vulnerability management program is a core component of IT risk management, allowing you to close the gaps and keep your organization running smoothly.