<p>A detection-avoiding advanced persistent threat (APT) has been found targeting a flaw in Microsoft Office to infect thousands of machines across over 100 countries.</p><p>Security firm Trend Micro uncovered a campaign, codenamed SafeNet, targeting a known flaw in older versions of Microsoft Office on Friday. "The distribution mechanism the Safe campaign used involved spear-phishing emails that contain a malicious attachment," the report said.</p><p>"This technique, which is quite common for APT campaigns, encourages a recipient to open a malicious attachment by sending an email with contextually relevant content. We discovered several malicious documents that all exploited a Microsoft Office vulnerability (CVE-2012-0158). If opened with a version of Microsoft Word that is not up to date, a malicious payload is silently installed on the user's computer."</p><p>Trend Micro said the full extent of the campaign remains unknown although it has already linked several thousand IP addresses to it, indicating that its reach will be moderately far.</p><p><a href="http://www.v3.co.uk/v3-uk/news/2269242/microsoft-office-security-flaw-hits-thousands-in-latest-hacker-attack">Keep reading...</a></p><p>Read also:</p><p><a href="http://www.theregister.co.uk/2013/05/20/safe_cyber_espionage/">Securo-boffins uncover new GLOBAL cyber-espionage operation</a> (Register)</p><p>Explore: <a href="http://news.google.com/news/more?ncl=dx-XDEInbK0-m4MwT9Gy4BhoGOndM&ned=us">5 additional articles.</a></p>