Microsoft is drawing attention to a cybercrime campaign that relies on Office features to compromise Windows systems. Office applications remain a favorite tool for cyber criminals to exploit to compromise Windows PCs en masse.
Earlier this month, Microsoft warned that attackers were firing spam that exploited an Office flaw to install a trojan. The bug meant the attackers didn't require Windows users to enable macros.
However, a new malware campaign that doesn't exploit a specific vulnerability in Microsoft software takes the opposite approach, using malicious macro functions in an Excel attachment to compromise fully patched Windows PCs. Learn the details here.