You know those random Word documents people send you? The ones labeled “URGENT: Invoice Attached” or “Your Purchase Order Inside”? Yeah, those might not be what they seem.

Security researchers just caught hackers using an old Microsoft Office flaw, first reported in 2017 in a component that was already 17 years old back then, to sneak malware onto computers. The scary part? You don't have to enable macros or click anything inside the document. Just opening the file is enough to get infected.

How the Scam Works

It starts with an email that looks just legit enough to make you curious. Maybe it’s pretending to be from a vendor, a shipping company, or even your own HR department. The attachment? A harmless-looking Word document.

But here's the kicker: it's not harmless.

Inside that file is an exploit for CVE-2017-11882, a memory-corruption bug in Microsoft Office's old Equation Editor (EQNEDT32.EXE). Microsoft patched it in November 2017 and then pulled Equation Editor out of Office entirely in January 2018, but guess what? Tons of people and businesses still haven't installed those updates.

Once you open the file:

  1. The exploit runs silently: no macros, no “Enable Content” warning. Equation Editor is a separate program that Word launches to render the embedded object, so the macro warning never applies.

  2. A malicious DLL drops into your temp folder (because of course it does) and gets loaded.

  3. FormBook malware installs itself, injecting into normal Windows processes so it doesn't show up as its own suspicious program.
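To make step 1 concrete for whoever gets the “is this attachment bad?” question: here is a small triage script, added for this post (it is not the researchers' tooling), that checks whether a Word attachment carries a legacy Equation Editor object, which any CVE-2017-11882 exploit has to embed. It keys on the Equation 3.0 class identifier and the “Equation Native” stream name rather than on any particular sample. The RTF and .docx files it scans are constructed inline and are not real malware.

```python
"""Attachment triage for the legacy Equation Editor object that
CVE-2017-11882 exploits hide in. Added example for this post: it is not
the researchers' tooling, and the sample files are constructed here."""
import io
import re
import uuid
import zipfile

# CLSID of "Microsoft Equation 3.0" (EQNEDT32.EXE). OLE compound files
# store GUIDs in the mixed-endian order that uuid exposes as bytes_le.
EQUATION_CLSID = uuid.UUID("0002ce02-0000-0000-c000-000000000046")
CLSID_BYTES = EQUATION_CLSID.bytes_le
CLSID_HEX = CLSID_BYTES.hex().encode()       # RTF \objdata is hex text
# Stream inside the embedded object where the overlong font name that
# triggers the bug lives; OLE directory-entry names are UTF-16LE.
EQNATIVE_UTF16 = "Equation Native".encode("utf-16-le")
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"


def scan_rtf(data: bytes) -> list[str]:
    """Indicators in an RTF body (many 11882 lures are RTF named .doc)."""
    hits = []
    low = data.lower()
    if re.search(rb"\\objclass\s*equation\.3", low):
        hits.append("rtf: \\objclass Equation.3")
    if CLSID_HEX in re.sub(rb"\s+", b"", low):   # hex may be line-wrapped
        hits.append("rtf: Equation Editor CLSID inside \\objdata")
    return hits


def scan_ole(data: bytes, label: str) -> list[str]:
    """Indicators in an OLE compound file (legacy .doc or a docx embedding)."""
    if CLSID_BYTES in data or EQNATIVE_UTF16 in data:
        return [f"{label}: embedded Equation Editor object"]
    return []


def scan_docx(data: bytes) -> list[str]:
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in z.namelist():
            blob = z.read(name)
            if name.endswith(".xml") and re.search(rb'ProgID="Equation\.3"', blob):
                hits.append(f'{name}: <o:OLEObject ProgID="Equation.3">')
            elif blob.startswith(OLE_MAGIC):
                hits.extend(scan_ole(blob, name))
    return hits


def scan_attachment(data: bytes) -> list[str]:
    """Route on the real container type, never on the file extension."""
    if data.startswith(b"{\\rtf"):
        return scan_rtf(data)
    if data.startswith(b"PK\x03\x04"):
        return scan_docx(data)
    if data.startswith(OLE_MAGIC):
        return scan_ole(data, "doc")
    return ["unknown container: treat as suspect"]


def make_docx(members: dict[str, bytes]) -> bytes:
    """Build a minimal .docx-shaped zip for the constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, blob in members.items():
            z.writestr(name, blob)
    return buf.getvalue()


# Constructed samples (not real malware): a lure RTF with an Equation.3
# object, a docx carrying an embedding with the CLSID, and a clean docx.
SAMPLE_RTF = (
    b"{\\rtf1\\ansi{\\object\\objemb{\\*\\objclass Equation.3}"
    b"{\\*\\objdata 01050000020000000b000000\n" + CLSID_HEX[:16] + b"\n"
    + CLSID_HEX[16:] + b"}}}"
)
SAMPLE_DOCX = make_docx({
    "word/document.xml": b'<w:document><o:OLEObject Type="Embed" '
                         b'ProgID="Equation.3" r:id="rId5"/></w:document>',
    "word/embeddings/oleObject1.bin": OLE_MAGIC + b"\x00" * 8 + CLSID_BYTES,
})
CLEAN_DOCX = make_docx({"word/document.xml": b"<w:document><w:body/></w:document>"})

if __name__ == "__main__":
    for label, sample in [("lure.rtf", SAMPLE_RTF), ("lure.docx", SAMPLE_DOCX),
                          ("clean.docx", CLEAN_DOCX)]:
        print(label, scan_attachment(sample) or "no Equation Editor object")
```

Two caveats. A hit is not proof of an exploit, because a 2005-era thesis with real equations will trip it too, but since Equation Editor has been gone from Office since 2018 there is no good reason for a fresh invoice to carry one, so quarantine on hit is the sane policy. A miss is not a clean bill either: real lures obfuscate the RTF heavily (dropping \objclass, splitting the hex across control words), so for anything still in doubt, tools like rtfdump and oledump that actually parse the object are the next step.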

And then? It starts stealing:

Passwords (from browsers, email clients, even password managers)

Keystrokes (so it can grab your logins in real time)

Screenshots & clipboard data (yes, that thing you copied five minutes ago? Gone.)

Why Is This Still Happening in 2025?

Because hackers are lazy in the best way. Why bother with fancy new tricks when an old one still works?

Companies delay updates (because “if it ain’t broke, don’t fix it”).

People still open sketchy attachments (come on, we've all done it).

The malware keeps evolving: the latest variants hide their payloads inside files disguised as PNG images.

This isn't some theoretical threat, either. Earlier this year, a similar attack called CarnavalHeist targeted Brazilian users with Portuguese-language Word docs. And in March, researchers found a Windows zero-day that leaks your Windows password hash (NTLM) just by making you look at a file in Explorer, no double-click required.

How to Not Get Hacked

  1. Stop opening random attachments. Seriously. Even if it looks real.

  2. Update your damn software. That “remind me later” button is the enemy. Office builds patched since early 2018 don't even contain Equation Editor any more, so on a patched machine this exploit has nothing to run.

  3. Use a good email filter. Gmail’s decent, but businesses should invest in something stronger.

  4. Enable multi-factor authentication (MFA). If malware steals your password, MFA can still save you.

  5. Check for weird processes. If your PC suddenly slows down for no reason, investigate. Keep in mind that FormBook hides inside legitimate Windows processes, so a quick glance at Task Manager may show nothing; an up-to-date antivirus or endpoint protection product is what actually catches the injection.

The Bottom Line

This isn't some ultra-complicated cyberattack; it's a classic trick with a fresh coat of paint. And that's what makes it dangerous.

So next time you see an unexpected Word doc in your inbox? Don’t open it. Forward it to IT, mark it as spam, or just delete it. Your future self (and your bank account) will thank you.
