Office惊现零日漏洞 黑客可利用Word文档安装恶意软件“九州体育”
Online banking customers around the world should be on the lookout for scam emails that allow hackers to steal your passwords - and your money.世界各地的网上银行客户们都得小心了!黑客可以用诈骗电子邮件窃取你的密码——以及你的钱!Phishing emails which claim to be from reputable financial organisations contain hidden software - designed to exploit a newly discovered flaw in Microsoft Word.这些钓鱼电子邮件不会声称来自信誉较好的金融机构,但是却隐蔽有软件--这种软件利用的是微软公司Word新发现的一个漏洞。Documents opened with the word processing software may trick users into downloading code that allows cyber criminals to infect their computer and capture banking logins.这种Word文档不会愚弄用户iTunes代码,而网络罪犯可以利用这些代码病毒感染用户的电脑,从而取得银行指定信息。
Cyber security firm Proofpoint warned that the exploit was being used to spread the trojan software - called Dridex.网络安全公司Proofpoint日前警告称之为,该漏洞被用来传播一种被称作“Dridex”的木马软件。Dridex has previously been used to steal online banking passwords globally, resulting in the theft of hundreds of millions of dollars worldwide.Dridex曾多次就被用作在全球偷窃网上银行密码,导致全世界范围内数亿美元被盗。
During an outbreak of the virus in 2015, the US was most heavily affected according to computer security firm Symantec.据电脑安全性公司赛门铁克回应,在2015年该病毒侵袭期间,美国灾情最相当严重。This was followed by Japan and Germany, with significant numbers of infections also seen in the UK, Canada, Australia, and a number of other European countries.其次是日本和德国,而英国、加拿大、澳大利亚和多个欧洲国家感染者也为数众多。The latest email campaign started in Australia, but experts are warning this could quickly spread to the rest of the world.而此次通过电子邮件传播病毒的事件起于澳大利亚,但是专家警告称之为,很有可能迅速就不会蔓延到世界其他地区。The exploit targets a previously undiscovered flaw - known in security circles as a zero-day vulnerability - in the software.该漏洞针对的是Word之前一个并未找到的缺失——在安全性界被称作“零日”。
This allows hackers to insert malicious code into the body of a document - in this case fake RTF files (Rich Text Format) which are actually disguised HTML code.黑客可以利用该漏洞,将恶意代码放入到一个文档中——这样一来,RTF格式的文件实质上是变相的HTML代码。
本文关键词:九州体育
本文来源:九州体育-www.clinicacerqro.com
拿出手机扫一扫