This Microsoft Office exploit will make you rethink everything you know about web safety

What if Outlook displays a legitimate-looking URL in an email?

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoft’s suite ofoffice softwarecould be abused to launch phishing attacks capable of deceiving even the most well-trained web users, researchers have found.

Analysts from Bitdefender recently uncovered that homograph attacks (those that abuse similar-looking characters for the purposes of deception - e.g. Micr0soft) grow a lot more potent when based on international domain names (IDN), and used against apps other thanbrowsers.

After testing a few applications on their behavior when faced with an IDN homograph attack, the researchers discovered that all Microsoft Office applications were vulnerable. That includes all of the productivity powerhouses:Outlook,Word,Excel,OneNoteandPowerPoint.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

No patch in sight

In layman’s terms, a threat actor can force Outlook to display a link that looks absolutely legitimate, while the user wouldn’t be able to tell the difference until the site was opened in their browser. In some cases, that would be enough to trigger amalwaredownload.

The company reported the issue to Microsoft back in October last year, and while the Redmond software giant did acknowledge the threat as real, it is yet to issue a patch.

Everything you need to know about phishing>How to avoid online phishing to better protect yourself>Don’t fall for this devious phishing scam, Facebook users warned

The good news, Bitdefender claims, is that such an attack is not easy to mount, and is therefore unlikely to be used at scale. Still, the exploit could be an extremely potent weapon for targeted attacks, such as state-sponsored threat actors targeting specific high-value companies for theirpasswordsand other sensitive data.

The issue with homograph attacks is that they abuse the internationalization of the web. In the early days of the internet, all domain names used the Latin alphabet, which has 26 characters. Since then, the internet grew to include more characters, including, for example, the Cyrillic alphabet (used in Eastern Europe, and Russia). That gave threat actors a wide playground, as by combining different characters, they can create phishing sites whose URL looks identical to the legitimate site.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set