Nov 14

Threat Intelligence: Microsoft Zero-day Patched

Researchers have discovered a zero-day vulnerability (CVE-2018-8589) within win32k.sys affecting 32-bit versions of Windows 7. The vulnerability, a privilege escalation flaw, was reported to Microsoft on October 17th. It exists due to “improper locking of messages sent synchronously between threads.” If exploited successfully, it could allow an attacker to view or alter data, install programs, or create new user accounts by “running arbitrary code in the context of the local system.” At the time of writing, the delivery method remains unknown; however, according to researchers, “the exploit was executed by the first stage of a malware installer, in order to gain the necessary privileges for persistence on the victim’s system.” The zero-day is currently being used by at least one APT actor, but if an attacker attempts to exploit it on machines that are up to date with security updates, the system will crash.

Dec 08

Microsoft Releases Malware Patch for its…Malware Protection Engine

Yesterday, Microsoft released a patch to fix a remote code execution flaw, CVE-2017-11937, in its Malware Protection Engine (MPE).

Nov 29

Microsoft Word Vulnerability Allows Hackers to Gain Control of PCs

A Microsoft Word exploit has been active for 17 years, but was only discovered and patched earlier this month.

Nov 15

Microsoft Office Vulnerability Lets Attackers Install Malware Without User Interaction

A new vulnerability in Microsoft Office has surfaced. The vulnerability is a memory corruption issue that resides in all versions of Microsoft Office that have been released in the past 17 years, which include Microsoft Office 365 and the latest version of Microsoft Windows 10.

Oct 24

Microsoft Word DDE Exploit used in Malware Attacks

A new unpatched attack method has surfaced that exploits a built-in feature of Microsoft Office.
