New Zero-day exploit uses Word to hack your PC. The virus arrives by email, which when opened activates exploit code in the document which connects to an attacker-controlled server and then downloads a malicious HTML application file that’s disguised to look like a document created in Microsoft’s Rich Text Format. Once running the .hta file downloads additional payloads from “different well-known malware families” and then pops up a real word document to hide its activities.
The attack works on fully patched PCs and the only mitigation is not to download or open suspicious word files or only view them in Protected View, which does, in fact, protect users on this occasion. Disabling Macros does not offer any protection.
The new malware was discovered some weeks ago and FireEye has notified Microsoft of its existence, but a patch is not ready to be released yet.
Read more about the issue at FireEye here.