• Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • HOME
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SUPPORT
    • Knowledge Base
    • Forum
    • Training courses
    • Support Request
    • Software-Download
    • Resources
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
  • COMPANY
    • Team
    • Testimonials
    • Career
    • Contact
  • EVENTS
    • Events
    • Webcast Training
  • BLOG
  • FREE TRIAL VERSION
    • Price request
    • Free trial version
  • English
    • Deutsch
  • Search
  • Menu Menu
  • Emotet Sicherheitsluecke O365

NoSpamProxy closes emotet vulnerability in Office 365

In many cases, the banking Trojan Emotet reaches IT infrastructures via contaminated Office files containing so-called macros. A macro is a kind of mini-program that – if permission has been granted – executes a specific sequence of instructions. Cyber criminals have used macros to find a way to infect computers with emotet and other malware. Because they are often not needed, these macros can be prevented from running in Office 365, either manually or through Group Policy – if it weren’t for a glaring vulnerability in certain business versions of Office 365.eklatante Sicherheitslücke in bestimmten Business-Versionen von Office 365.

The BSI recommends deactivating macros

Group policies are an effective and daily used tool for administrators to implement settings and rules throughout the company. Often the protection of the entire IT infrastructure depends on the configured group policies. With regard to protection against emotet, the German Federal Office for Information Security (BSI) recommends, among other things, deactivating the execution of macros via group policy. If the administrator implements this, he or she must be able to rely on Group Policy to be effective.

Group policies do not work

It is now known that most versions of Office 365 ignore the Group Policy settings. This creates a security hole that is a potential gateway for malicious code of all kinds. The perfidious thing is that this happens without notification of the administrator and only the low-cost business and enterprise versions of Office 365 are affected; the more expensive enterprise versions and Office Professional support Group Policies. This confusing, disparate behavior is documented by Microsoft, but is difficult to find in a list of service descriptions. Administrators who have disabled macros in Office files using Group Policy should immediately investigate whether they and their organization are affected by this vulnerability.

Still secure – with NoSpamProxy

With NoSpamProxy you can make malicious macros harmless – guaranteed. The content filter in NoSpamProxy reliably detects Word, Excel and PowerPoint files containing macros and offers you various ways to react. With the spam filter NoSpamProxy Protection you can reject the entire e-mail, remove the contaminated file completely or convert it into a harmless PDF. Alternatively, you can lock the file until it is manually released by the administrator or upload it to the NoSpamProxy Sandbox for analysis. In this way you can guarantee the security of your company and the protection of your IT infrastructure with NoSpamProxy.

Start your free trial now

  • share 
  • share 
  • tweet 
  • email 

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

Knowledge Base

Knowledge Base

Note: The information in this knowledge base is only relevant for NoSpamProxy up to version 13.2. All information for NoSpamProxy 14 and higher can be found in the online documentation.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events
Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Info IconCritical Outlook vulnerability: No threat to NoSpamProxy customers24.03.2023 - 15:09
  • Default filter settings in NoSpamProxy 1422.03.2023 - 10:00
  • NoSpamProxy UpdateGlobal Rollout NoSpamProxy Version 14.0.515.03.2023 - 15:20
IMPRINT • EULA • Privacy Policy • © 2023 Net at Work GmbH
  • Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
Cybercriminals are exploiting the Corona virusCorona Phishing MalwareServices von Net at Work sind wie gewohnt verfügbarNet at Work services are available as usual
Scroll to top