OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Beware opening RTF files in Office 2011

Posted on March 27th, 2014 at 3:06 PM EDT

Earlier this week (while I was out of town, of course!), Microsoft announced a vulnerability in Office that would allow a maliciously-crafted RTF file to execute code automatically when opened. Office 2011 for Mac is listed as being vulnerable. There are already exploits using this bug to install malware on Windows, but it’s unclear on whether this might also affect the Mac. Probably not, if I had to guess, but just to be safe, disable opening of RTF files in Office 2011 for now.

5 Comments

Microsoft Office 2011 update addresses vulnerability

Posted on June 11th, 2013 at 9:29 PM EDT

Microsoft issued an update for Office 2011 today that could lead to code execution by simply opening a maliciously-crafted Office document. As with today’s Flash update, there’s no currently known Mac malware taking advantage of this, but there’s no sense letting it appear before you take action. If you’re using Office 2011, update it immediately!

6 Comments

CallMe malware persists

Posted on April 25th, 2013 at 1:59 PM EDT

F-Secure has blogged today about a slightly new variant of CallMe that has been seen in the wild. Everything about the malware seems to be the same, except for file names and the command server that the malware “calls home” to. This is certainly small news, but it does show that this malware is still in active distribution, at least.
Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Microsoft Office vulnerability used to spread malware

Posted on March 28th, 2012 at 8:58 AM EDT

AlienVault Labs has announced discovery of malware “in the wild” that is taking advantage of a Microsoft Office vulnerability to install itself.  It would appear that MS Office for Mac 2004 and 2008 are both vulnerable if the relevant security patch has not been installed.  On vulnerable systems, malicious MS Office documents have been seen that install two different trojans, the Tibet.A trojan announced last week and a second never-before-seen trojan apparently called MacControl.
Read the rest of this entry »

1 Comment