![]() ![]() In practice, this means that victims with administrative user rights may be more impacted. On its website, Microsoft claims that the vulnerability CVE-2017-11882, which targets Microsoft Office and Microsoft WordPad users, could allow the hacker to take control of the victim’s machine. The backdoor payload then tries to connect to a malicious domain that’s currently down”. “In the new campaign, the RTF file downloads and runs multiple scripts of different types (VBScript, PowerShell, PHP, others) to download the payload. Therefore, the recommendation is that users always keep their systems up to date. The good news is that the CVE-2017-11882 vulnerability was already remedied in November 2017, but Microsoft reports that it has seen an increase in the number of attacks that exploit the vulnerability using malicious files. “An active malware campaign using emails in European languages distributes RTF files that carry the CVE-2017-11882 exploit, which allows attackers to automatically run malicious code without requiring user interaction”, said the warning. The attackers aim to persuade users to open a malicious file that will infect their devices with malware. ![]() ![]() The attack exploits a security vulnerability in RTF files called CVE-2017-11882 that can reach users of Microsoft Office and Microsoft WordPad. On Twitter, the Microsoft Security Intelligence profile has posted a warning about a new spam campaign that uses malicious attachments and is targeting Europe. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |