Microsoft hacker attack: what you should do now
Fraudsters have developed a new virus which is attacking certain Microsoft programs. Here's how to protect yourself.
Hackers may have cracked open a “vulnerability” in certain Microsoft programs allowing them access to individual computers and the information stored on them.
If successful, fraudsters can gain control of a computer and be granted the same rights as the person using the computer.
The risk only exists on some Microsoft programs and the company is currently investigating the problem.
Microsoft security risk
Computers with the following Microsoft programs could be at risk: Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003-2010, and all supported versions of Microsoft Lync.
The scam works once the owner of the computer opens an infected file sent by the hacker. The file is likely to be sent as an email with a Word attachment file. Within this Word file there will be a malformed Tagged Image File Format (TIFF) image.
If any part of the attachment is opened or previewed, the virus will try to gain access to the computer and give the hacker the same rights as the person logged onto the computer.
The reported risks have so far been largely on computers in the Middle East and South Asia.
Dustin Childs, group manager of response communications at Microsoft, said: “We are aware of targetted attacks” but confirmed current versions of Microsoft Windows and Office were not affected by the issue.
Compare home insurance policies with lovemoney.com
What to do if your computer is infected
Microsoft says it’s currently working to create a security update which will be sent out to people at risk.
But if you don’t want to wait until this arrives, there are some other measures you can perform to make sure you’re protected.
First you need to apply the Microsoft ‘Fix it’ solution program which can be downloaded from the website. This is not a replacement for a security update, but a temporary ‘workaround’ measure to block any attacks on your computer.
The website also lists potential scenarios where a computer program could be accessed and a full list of affected and unaffected software.
How to make sure you remain protected
Your computer security settings need to be regularly updated and you should have anti-virus and anti-spyware software downloaded.
If you’re sent an email with an attachment and you don’t recognise the sender, it’s always best to avoid opening it. Even if you do know the sender there is a risk their account has been hacked so watch out for signs such as spelling or grammar mistakes within the text.
Financial institutions will never ask for personal details via email. If you are sent a link within an email, copy and paste the address in a new web page instead of following it. It's also a good idea to Google any companies you've not heard of before.
Suspect emails or web pages should be avoided at all costs and if you come across one report it to a company such as Action Fraud and then delete it.
Get on top of your budgets with the MoneyTrack tool
More on scams:
Don't fall for this business rates scam
The banks with the worst online banking security
The University of Luxembourg research scam
Watch out for these HMRC tax refund scams
Online banking: How to stay safe
Most Recent
Comments
-
antonio wrote: "Why not try a Chromebook? Based on linux it has very little local storage (all in the Google cloud) and hence zero security problems" Oh sure, no security problems... except the little matter of Google collaborating with the US and UK government spies at the National Security Agency and GCHQ, so they can rifle through all your data even more easily, once it's nicely stored in their clouds. It is not just the don't-be-evil boys. All the big ISPs have become traitors to their customers, acting as narks and snitches for tyrants. I would rather trust a Nigerian scammer than the conspiracy to rob, murder and terrorise known as democratic governance. If you want to end your days as an internet slave, trust the ISPs to keep your stuff confidential. Ah, but it is all in the noble cause of 'keeping us safe from Evil Terrorists, a risk about as great as getting struck by lightning while playing golf. Leaving aside the question wny these attacks don't get blocked by surveillance in the first place (I have my theory).
REPORT This comment has been reported. -
The chances of you receiving an attachment you weren't expecting from someone you don't know (or even someone you do know) that doesn't contain some sort of "virus", especially on a Windows based machine, is roughly as likely as David Cameron or George Osborne saying something that makes any sense what so ever. If you don't know the sender just delete the e-mail without even opening it. If you do know them then check with them that it is genuine. And always, ALWAYS, have up-to-date anti-virus (etc) software running at all times on your PC or whatever.
REPORT This comment has been reported. -
Why not try a Chromebook? Based on linux it has very little local storage (all in the Google cloud) and hence zero security problems. I've used one for over a year at home and with free wifi at a multitude of venues with no security breaches at all. I've had no problems replacing Office software with Google stuff and the full Chrome browser is just a joy to use. I've seen loads of critiques by Mac and Microsoft fans and found the vast majority to be very badly informed - it does have an inability to run super realistic shooting games but that's a plus for me. Its ultra-portable and if it's stolen - no problem at all, your data is in the Google cloud, just buy another one for about £200 and you are good to go. It's difficult to get across just how good they are and how they transform your computing, communication and recreational (film and music) experience. You just have to try one for few days. By the way I'm just a fan - I have no commercial interest.
REPORT This comment has been reported.
Do you want to comment on this article? You need to be signed in for this feature
18 November 2013