Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft warns of hacks against multiple Windows, Office versions

By
new office 365 update skydrive skype 20gb microsoft logo

If you use aged versions of Windows or Microsoft Office, be on the lookout; Redmond issued a security warning today.

In their latest Security Advisory report, Microsoft states that they are investigating reports of vulnerabilities in multiple versions of Windows Vista, Windows Server 2008 and Microsoft Office. They’re also aware of “targeted attacks” that try to take advantage of a security hole in Office.

Recommended Videos

Here’s how Microsoft describes the vulnerability:

Related

“[It’s] a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images. An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

The report indicates that a hacker who attacks a PC using this vulnerability could gain the same rights to the machine that the user has, even administrative rights. However, the hacker would also be bound do whatever restrictions the user is limited to in the event that they do not have administrative rights access. Hackers could also attack a machine with this vulnerability if a user clicked an affected link in an email or instant message, or opened a tainted email attachment.

Microsoft says that they are working with partners in this investigation and could choose to address the issue by releasing an update. The update may fall in line with Microsoft’s monthly update schedule, though the report states that the patch could be released “out-of-cycle.” Which route Microsoft goes depends on “customer needs.”

Click here to see the report, and a complete list of the affected Microsoft software.

Editors' Recommendations

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Microsoft may have ignored warnings about Bing Chat’s unhinged responses
Bing Chat saying it wants to be human.

Microsoft's Bing Chat is in a much better place than it was when it released in February, but it's hard to overlook the issues the GPT-4-powered chatbot had when it released. It told us it wanted to be human, after all, and often broke down into unhinged responses. And according to a new report, Microsoft was warned about these types of responses and decided to release Bing Chat anyway.

According to the Wall Street Journal, OpenAI, the company behind ChatGPT and the GPT-4 model powering Bing Chat, warned Microsoft about integrating its early AI model into Bing Chat. Specifically, OpenAI flagged "inaccurate or bizarre" responses, which Microsoft seems to have ignored.

Read more
Windows 11 is about to make RGB peripherals way easier to use
Switches on the Razer DeathStalker V2.

Windows 11 is finally creating a solution for the multitude of RGB apps that clutter most gaming PCs. The long-rumored feature is with Windows Insiders now through Build 23475, which Windows announced in a blog post on Wednesday.

The feature, called Dynamic Lighting, looks to unify all of the different apps and devices that use RGB lighting so you don't have to bounce between several different apps. More importantly, Microsoft is doing so through the open HID LampArray standard, which makes it compatible with a long list of devices. Microsoft says it already has partnerships with Acer, Asus, HP, HyperX, Logitech, Razer, and Twinkly to support Dynamic Lighting.

Read more
Microsoft Teams is getting new AI tools — and they’re free
microsoft teams communities update builds on easy collaboration

Microsoft recently announced a major update to its communities and GroupMe features on its free Teams app. In addition to more features that mirror a platform like Discord, Teams now supports AI-generated images in Communities, à la Midjourney.

The Communities feature has been a breakout hit for Microsoft Teams since its introduction in December 2022, and has been available for Microsoft 365 Personal and Family plans, along with Teams Essentials accounts. Since then, many people have found the feature beneficial for local collaboration such as sharing projects, exchanging ideas, and pooling resources. According to user feedback, the feature allows collaborators to stay connected before, during, and after gatherings, Microsoft said.

Read more