Windows 10 users are facing the threat of a new zero-day exploit which allows remote code to be executed. The bad news is, it can be triggered simply by visiting a website or opening a malicious document in Microsoft Office.
As KrebsOnSecurity reports, the exploit takes advantage of the MSHTML component in Internet Explorer, which may have many users sighing with relief because they long ago switched to the Edge browser or one of the other popular alternatives. However, because the exploit uses a malicious ActiveX control, it can also be triggered using a Microsoft Office document.
Both Office 2019 and Office 365 users are vulnerable, but exploitation does require opening a malicious document, which hopefully most people won’t do. Microsoft doesn’t have a patch to fix the vulnerability yet, but its advisory suggests some workarounds.
For anyone still using Internet Explorer, Microsoft suggests disabling the installation of ActiveX controls. This does require updating the Windows Registry, however, which not everyone will be comfortable doing. Instructions are provided in the advisory. Office users have some protection by default because documents from the internet are opened in Protected View or Application Guard for Office.
The usual advice will keep you safe. Don’t open documents unless you are sure they are safe, and don’t visit websites you don’t completely trust. Running a good security suite will also help keep your system safe, and of course, stop using Internet Explorer. Microsoft probably won’t release the patch for this exploit until Sept. 14 (the next Patch Tuesday).