Select “ Check for Updates” and it’ll launch the Microsoft AutoUpdate program. You could theoretically just sit at that point until the program checks for updates, but it’s easy to hasten the process along from the Help menu: On your Mac system, it’ll often pop up the Microsoft Updater immediately upon launching Microsoft Word, but if it doesn’t and you’re just looking at the following, I’ll show you the step-by-step: Word accepts and runs the script without producing the warning you would expect to see.”ĭefinitely bad news, and something you should fix immediately, both on Windows and Mac systems, to ensure that you’re running the very latest version of MS Word. In this case, the booby-trapped server sends out a compiled HTML file with an embedded program script.
“On unpatched systems, the vulnerability is triggered by opening a document that provokes a benign-looking download warning, followed by a download from a booby-trapped server that sends a document of a more dangerous sort. Security experts SophosLabs describe it this way: In fact, it appears to be something that can affect MacOS X users of Microsoft Word along with Windows users, which is rather unusual. You’re right that there is a brand new exploit in the wild that’s particularly malicious and targets Microsoft Word users.