Here are the updates that you need to install to make sure your computer is safe.
CVE-2021-31174 • CVE-2021-31178 • CVE-2021-31179 • CVE-2021-31939.
Explaining more about the attack Yaniv Balmas, Head of Cyber Research at Check Point Software, said: “The vulnerabilities found affect almost the entire Microsoft Office ecosystem. It’s possible to execute such an attack on almost any Office software, including Word, Outlook and others.
“We learned that the vulnerabilities are due to parsing mistakes made in legacy code. One of the primary learnings from our research is that legacy code continues to be a weak link in the security chain, especially in complex software like Microsoft Office.
“Even though we found only four vulnerabilities on the attack surface in our research, one can never tell how many more vulnerabilities like these are still laying around waiting to be found. I strongly urge Windows users to update their software immediately, as there are numerous attack vectors possible by an attacker who triggers the vulnerabilities that we found.”