Dridex Malware via Microsoft Word Zero Day

One of the most dangerous banking and finance frauds on the internet is back – now via a Microsoft Word zero-day.

Dridex disappeared mid last year, but is back on the hunt, using malspam, UAC bypasses and now, a new unpatched Microsoft Word Zero-day.

Such a prudent reminder to ensure your organisation has disabled untrusted Microsoft Office macros. Think the Australian Signal Directorates Essential 8.

Microsoft Office applications can use software known as ‘macros’ to automate routine tasks, which are increasingly being used to enable the download of malware. Adversaries can then access sensitive information, so macros should be secured or disabled.

April 16th, 2017