Four serious vulnerabilities have been found in Microsoft Office. Microsoft has patched the leaks, so updating is the message.
It is security company Check Point Research (CPR) that discovered the vulnerabilities in MSGraph. This component can be embedded in Microsoft Office products to display graphs and charts in documents. This means that an attack could be carried out in Excel, Word and Outlook.
For example, an attacker could allocate a malicious Excel file. Directly after opening, the vulnerability is triggered, and malicious code can run on the local computer.
The virtuous news is that Microsoft has since patched the leaks right after CPR reported it to Microsoft. But the bad news is that not every Office user installs the updates automatically. Do you doubt yourself? You can always click on ‘Check for updates via Windows Update.