Office惊现零日漏洞 黑客可利用Word文档安装恶意软件【澳门十大娱乐网站平台】

Online banking customers around the world should be on the lookout for scam emails that allow hackers to steal your passwords - and your money.世界各地的网上银行客户们都得小心了！黑客可以用诈骗电子邮件窃取你的密码——以及你的钱！Phishing emails which claim to be from reputable financial organisations contain hidden software - designed to exploit a newly discovered flaw in Microsoft Word.这些钓鱼电子邮件不会声称来自信誉较好的金融机构，但是却隐蔽有软件--这种软件利用的是微软公司Word新发现的一个漏洞。Documents opened with the word processing software may trick users into downloading code that allows cyber criminals to infect their computer and capture banking logins.这种Word文档不会愚弄用户iTunes代码，而网络罪犯可以利用这些代码病毒感染用户的电脑，从而取得银行指定信息。Cyber security firm Proofpoint warned that the exploit was being used to spread the trojan software - called Dridex.网络安全公司Proofpoint日前警告称之为，该漏洞被用来传播一种被称作“Dridex”的木马软件。

Dridex has previously been used to steal online banking passwords globally, resulting in the theft of hundreds of millions of dollars worldwide.Dridex曾多次就被用作在全球偷窃网上银行密码，导致全世界范围内数亿美元被盗。During an outbreak of the virus in 2015, the US was most heavily affected according to computer security firm Symantec.据电脑安全性公司赛门铁克回应，在2015年该病毒侵袭期间，美国灾情最相当严重。This was followed by Japan and Germany, with significant numbers of infections also seen in the UK, Canada, Australia, and a number of other European countries.其次是日本和德国，而英国、加拿大、澳大利亚和多个欧洲国家感染者也为数众多。

The latest email campaign started in Australia, but experts are warning this could quickly spread to the rest of the world.而此次通过电子邮件传播病毒的事件起于澳大利亚，但是专家警告称之为，很有可能迅速就不会蔓延到世界其他地区。The exploit targets a previously undiscovered flaw - known in security circles as a zero-day vulnerability - in the software.该漏洞针对的是Word之前一个并未找到的缺失——在安全性界被称作“零日”。This allows hackers to insert malicious code into the body of a document - in this case fake RTF files (Rich Text Format) which are actually disguised HTML code.黑客可以利用该漏洞，将恶意代码放入到一个文档中——这样一来，RTF格式的文件实质上是变相的HTML代码。

本文来源：澳门十大娱乐网站平台-www.saipusuliao.com