• Home
  • About Company
  • Career
  • Site Map

Namct

  • Money
  • Culture&Arts
  • IT&Software
  • Science
  • Sport
  • World Media
  • Health Care
  • USA

Microsoft Word Flaw Used in Dridex Malware Campaign

  • by Jacquelyn Byrd
  • in IT&Software
  • — Apr 13, 2017
Share:

Speaking on the Proofpoint website, a security analyst said: 'This is the first campaign we have observed that leverages the newly disclosed Microsoft zero-day.

Cybersecurity firm Proofpoint, has discovered a Microsoft Word vulnerability that serves as an attack vector for Dridex malware.

The.hta file enables the attacker to gain full code-execution on the victim's machine - bypassing any memory-based mitigation developed by Microsoft.

The exploit also downloads and displays a fake Word document to the user to hide a user prompt generated by the OLE2link object, FireEye said. He said the Microsoft patch should automatically update tomorrow on computers running Windows versions 7, 8 and 10.

McAfee said it identified the attacks on Thursday and made a decision to release its advisory immediately, which appeared late on Friday. While Microsoft works on a patch, McAfee recommends not opening any Office files obtained from untrusted sources, and also enabling Office Protected View. Microsoft is reportedly working on a fix that should be available on Tuesday.

To mitigate the security flaw, users should download the most recent patch from Microsoft.

Sharks Cs Thornton, Couture day to day heading into playoffs
He has done his part and more to help the Edmonton Oilers make the Stanley Cup playoffs for the first time in more than 10 years. Defensively, the Vancouver Canucks are allowing 2.9 goals per game and are killing 76.9 percent of their opponents power plays.

The exploit connects to a remote server (controlled by the attacker), downloads a file that contains HTML application content, and executes it as an.hta file, according to a blog post by McAfee.

According to the researchers, a victim opening a suspicious Word file - embedded with an OLE2link object - in an email would trigger winword.exe to initiate an HTTP request to the attacker's remote server.

Allen acknowledged that "it would take a skilled research team" to recreate the OLE vulnerability, but added, "We know there are threat actors out there who have that facility".

Business users regularly trade Office files via email, a fact that cyber-attackers rely on for their spam and phishing campaigns. On Tuesday, Microsoft would be scheduling its monthly security updates but the vulnerability of this patch would be included or not is still not known. He suggested that users enable Office Protected View.

But FireEye believes these attacks only began after the McAfee blog post and likely reverse engineered the vulnerability from the blog post.

Users of Microsoft Office are being warned of a new zero-day security flaw that has been exploited since at least January. Also, the attack can not bypass the Protected View in Word, so McAfee suggested enabling this view mode when opening documents just to be sure.

Share:

IN CASE YOU MISSED IT

  • 'F-ing Horrifying': Sessions Outlines Immigration Crackdown in 'Trump Era'
  • Leonard Fournette still in play as No. 1 overall pick
  • 'Boss Baby' Stays in Charge, Edging 'Beauty and the Beast'
  • YOU MAY ALSO LIKE...

    • Facebook charged over use of facial recognition 4/18/2018
    • Google kicks off construction on $600M Alabama data center 4/10/2018
    • Canada police say 14 dead after hockey bus crash 4/08/2018
    • Apple releases iOS 11.3 with iPhone battery tool, new Animoji 3/30/2018
    • All-New 2019 Toyota RAV4 & RAV4 Hybrid - Pictures, Specs, Details 3/29/2018
    • Killer Mike: NRA used my interview 'as a weapon' against marchers 3/27/2018
    • Video shows autonomous Uber, backup driver failing to protect pedestrian 3/25/2018
    • EPL: Wilshere reveals Wenger asked him to leave Arsenal 3/24/2018
    • Apple's upcoming 5.85-inch OLED iPhone could be cheaper than iPhone X 3/23/2018
    • NRA Sues Florida Governor Rick Scott Over Rifle Purchase Age Restriction 3/13/2018

RELATED NEWS

Burger King tried to hijack the Google Home with new Whopper ad
Still, according to Bloomberg, Burger King President Jose Cil called it "a cool way, and a bold way, to surprise our guests ". Earlier this year, a news anchor accidentally triggered Echo devices belonging to viewers, causing them to order dollhouses.
4/13/2017

Tim Tebow homers twice, strikes out 5 times in 1st series
It was a three-run shot against the Augusta (Ga.) Greenjackets (really?), and the ball went well over the right-centerfield fence. Tebow signed a minor league deal with the Mets back in September and has been at their spring training facility in Port St.
4/13/2017

Burger King trolls Google Home owners with device-triggering ads
Burger King today released a new ad that's meant to get Google Home to tell you about the Whopper, the company's signature burger. Should companies try to break through your TV to continue their advertising via your connect devices?
4/13/2017

China consumer inflation rises 0.9% in March
CPIH is the ONS's preferred measure of inflation, which includes costs associated with living in, maintaining and owning a home. The urban CFPI in the month of March was 2.27% as compared to 1.87% in February and 3.98% during the same period a year ago .
4/13/2017

Syrian rebels welcome USA missile attack
The American attack "sends a clear message to the regime and its backers" that they can no longer avoid repercussions, he added. Syrian officials and their allies also said they did not expect the attack to lead to an expansion of the conflict.
4/12/2017

North Korea fires missile into Sea of Japan
Initially, the US military said North Korea had tested a KN-15 medium-range ballistic missile. North Korea often responds to the drills with its own military training and harsh rhetoric.
4/12/2017

Garcia wins 1st major title at the Masters
Sergio Garcia's sudden-death victory in the Masters marked the completion of golf's first major on the 2017 calendar. Garcia (71-69-70-69) and Rose (71-72-67-69) were the only golfers to play all four rounds this week at par or under.
4/11/2017

Haley: Attack on Syria 'one of the president's finest hours'
Officials are hoping that this can be leveraged to bring a new diplomatic push to end the 6-year-old civil war in Syria. The U.S. believes the Syrian regime used chemical weapons on a northern Syrian town, killing dozens including children.
4/11/2017

Willett goes back to basics with roast beef Masters dinner
This year's Masters will be missing the presence of legendary Hall of Famer Arnold Palmer, who died last year at age 87. You've climbed Everest and you've put your flag in.
4/11/2017

Malala Yousafzai made UN Messenger of Peace
Yousafzai underscored the importance of education, especially education of girls, for advancing communities and societies. The 19-year-old student, who is preparing for her A-levels, will take the role with a special focus on girls' education.
4/11/2017

Hillary Clinton disagrees with Trump's reason for ordering airstrikes on Syria
And she blames woman-hatred for her loss? According to Clinton, Russian President, Vladimir V. I think there's something to be said for that. "I think there's a lot to do", she answered.
4/10/2017

EU deal 'in all our interests', May tells European press
Tusk said the talks would be hard and sometimes confrontational, saying it was his "first divorce and I hope the last one". This was echoed by German Chancellor Angela Merkel and outgoing French President Francois Hollande on Thursday.
4/10/2017

Real Madrid star Pepe ruled out of Bayern Munich clash
The stalemate in the Spanish capital derby left leader Real three points ahead of Barcelona, which visited Malaga later Saturday. The highly anticipated Madrid derby has seen Real and Atletico share the spoils, following a 1-1 draw at the Santiago Bernabeu.
4/10/2017

Supreme Court Rules, Bentley Impeachment Back on
Bentley's] lawyers claim they don't have enough time to study a 131-page report by the Alabama Ethics Commission". We will review today's document dump - which appears to be an amalgam of hearsay, rumor and innuendo.
4/10/2017

Capitals beat Bruins 3-1 in possible playoff preview
The Maple Leafs, who clinched a playoff spot with a 5-3 win over Pittsburgh on Saturday, are even in points with Boston. Staying in probably the [Atlantic Division], people have said is probably the easier path. "They didn't get too much".
4/10/2017

    • Top picks

      • Samsung unveils 30TB SSD capable of holding 12000 hours of HD video2/20/2018
      • McDonald's to remove cheeseburgers from Happy Meal menu2/17/2018
      • Sea of Thieves is getting microtransaction pets a few months after launch2/15/2018
      • Qualcomm Snapdragon 845 benchmarks look good but not good enough2/15/2018
    • Weekly News

      • Google is testing smart replies in popular third-party messaging apps2/14/2018
      • NYT at 10-year high after digital subs growth powers Q4 beat2/12/2018
      • Windows 10 Build 17093 adds per-app multi-GPU settings and more2/10/2018
      • Recent Price Moves Of: Activision Blizzard, Inc. (ATVI)2/09/2018
    • Latest News

      • Mario comes to Google Maps as a celebration of Mario Day3/11/2018
      • Super Smash Bros. Series Creator Masahiro Sakurai Working on Switch Game3/11/2018
      • Samsung Galaxy S9+ bags the top spot on DxOMark3/05/2018
      • Dropbox files for public stock offering of $500 mln2/24/2018
    • Home
    • About Company
    • Career
    • Site Map

    Friday 20 April 2018

    © 2018 Namct. ALL RIGHTS RESERVED.