Monday, 10 April 2017

Zero Day Vulnerability Found In Microsoft



Security Researchers Detected Zero Day Vulnerability in Microsoft


Security companies McAfee and FireEye have detected a Microsoft zero-day bug in Office 2016 running on Windows 10.


In this zero-day attack scenario, a malicious document file containing an embedded OLE2link object is e-mailed to the victim. When the victim opens the attached document, winword.exe sends an HTTP request to a remote server to retrieve a malicious .hta file, which appears as a fake RTF file.

FireEye email and network products detect the malicious documents as: Malware.Binary.Rtf.

The Microsoft HTA application loads and executes the malicious script. In both observed documents the malicious script terminated the winword.exe process, downloaded additional payload(s), and loaded a decoy document for the user to see. The original winword.exe process is terminated in order to hide a user prompt generated by the OLE2link.

Screenshot by McAfee

Once the exploit connects to the remote server, it downloads a file that contains HTML application content and executes it as an .hta file. Because .hta is executable, the attacker gains full code execution on the victim’s machine.

McAfee said in its blog: "The root cause of the zero-day vulnerability is related to the Windows Object Linking and Embedding (OLE), an important feature of Office. (Check our Black Hat USA 2015 presentation, in which we examine the attack surface of this feature.)"

How to Protect?

Do not open any document file received from an unknown e-mail sender.

This vulnerability is not yet patched. Microsoft is working on the bug, and an update will follow once it is patched.
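
Attachments can also be triaged for the traits described in the scenario above. The following is an added example, not code from McAfee, FireEye or this post: it flags RTF files whose linked OLE object carries the OLE2Link class name or an HTTP target. It assumes plain, unobfuscated `\objdata` hex; the function names and the sample document are constructed for illustration.

```python
import re

# RTF control words that mark a linked OLE object refreshed when the file opens.
LINK_WORDS = (rb"\objautlink", rb"\objupdate")
URL_RE = re.compile(rb"https?://[\x21-\x7e]{4,}")


def objdata_blobs(rtf: bytes):
    """Yield the decoded bytes of each plain (unobfuscated) \\objdata hex run."""
    for m in re.finditer(rb"\\objdata([^{}\\]*)", rtf):
        digits = re.sub(rb"[^0-9A-Fa-f]", b"", m.group(1))
        yield bytes.fromhex(digits[: len(digits) // 2 * 2].decode("ascii"))


def triage_rtf(rtf: bytes) -> dict:
    """Report the lure traits described in the article for one attachment."""
    report = {"is_rtf": rtf.lstrip().startswith(b"{\\rt"),
              "link_words": [w.decode() for w in LINK_WORDS if w in rtf],
              "ole2link": False, "urls": []}
    for blob in objdata_blobs(rtf):
        report["ole2link"] |= b"ole2link" in blob.lower()
        # Assumption: the target may be stored as UTF-16LE, so also scan a
        # NUL-stripped view of the object data.
        for view in (blob, blob.replace(b"\x00", b"")):
            for url in URL_RE.findall(view):
                if url.decode() not in report["urls"]:
                    report["urls"].append(url.decode())
    report["suspicious"] = bool(report["is_rtf"] and report["link_words"]
                                and (report["ole2link"] or report["urls"]))
    return report


def constructed_sample() -> bytes:
    """Inert, constructed test document: placeholder host, no working object."""
    body = (b"\x01\x05\x00\x00\x02\x00\x00\x00\x09\x00\x00\x00OLE2Link\x00"
            + "http://files.example.invalid/template.rtf".encode("utf-16-le")
            + b"\x00\x00\xff")
    return (b"{\\rtf1{\\object\\objautlink\\objupdate{\\*\\objdata "
            + body.hex().encode("ascii") + b"}}}")


if __name__ == "__main__":
    for name, doc in (("sample", constructed_sample()), ("plain", b"{\\rtf1 Hi}")):
        print(name, triage_rtf(doc))
```

A hit is a reason to quarantine and inspect the attachment, not a verdict; documents that split or obfuscate the `\objdata` hex need a full RTF parser.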

3 comments:

  1. I had read that a zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack. Good information.
