GeekPolice Tech TutorialsLog in

 

Share

descriptionRecent Microsoft Zero-day used for cyber-spying!

more_horiz
David Bisson wrote:
Two separate attack campaigns exploited the same Microsoft zero-day vulnerability to infect users with spyware and crimeware.

The security hole known as CVE-2017-0199 first made headlines in early April.

The vulnerability enables malicious actors to execute a Visual Basic script containing PowerShell commands when a user opens a Microsoft Office RTF document laden with an embedded exploit.

Following its initial disclosure, researchers observed attackers exploiting the bug, which affects all versions of Microsoft Office, to infect users with Dridex and other malware.

Microsoft patched the vulnerability in its Patch Tuesday on 11 April 2017. Even so, those Dridex campaigns are still sending fake photocopier documents to unsuspecting users at this time.


read more here

Good Post! What do you think?

descriptionRe: Recent Microsoft Zero-day used for cyber-spying!

more_horiz
I'm still seeing news about that breach!!!
Permissions in this forum:
You cannot reply to topics in this forum