It's reported that, as of 11 April, patches are available for a security bug in Microsoft Office and in Wordpad which was disclosed to the company in October. The flaw was widely exploited after McAfee blogged about it. It affects Microsoft Office 2007 SP3 and Windows Vista SP2; the latter was released in May 2009 and the former in October 2011.
In related news, The Register (nonCloud-flare link) says that
[...] CVE-2017-0210 in Internet Explorer, and CVE-2017-2605 in Office – are being actively attacked in the wild by miscreants and the Dridex malware. That latter bug has no patch, by the way: Microsoft just switched off an exploited PostScript filter by default.
further information: CVE-2017-0199
coverage:
related story:
After Microsoft Delays Patch Tuesday, Google Discloses Windows Bug
(Score: 0) by Anonymous Coward on Sunday April 30 2017, @03:42AM
The way to avoid getting malware is not to hang around with idiots who always have all the latest malware.
Sure I never talk to anyone and I suck my own dick but it's worth it not to see malware ever.