New Zero-day Microsoft word exploiteMalware & Forensics

Begin Learning Cyber Security for FREE Now!

Already a Member Login Here

Home Forums Malware & Forensics New Zero-day Microsoft word exploite

This topic contains 0 replies, has 1 voice, and was last updated by  JohnDayletCook 3 years, 1 month ago.

Viewing 1 post (of 1 total)
  • Author
  • #90463


    Don’t know if anyone else has written about this yet but Saturday McAfee announced a new Zero-day exploit with Microsoft word that affects all windows systems and all Microsoft Office, yes even Windows 10 and Office 2016. Just wrote a paper on it and here are some of the highlights. “The exploit appears in a word doc attached email message. When you open the doc (an RTF file with a .doc name extension), it has an embedded link that retrieves an HTA file. (an HTML application is usually wrapped around a VBScript or JScript program.) The downloaded file puts a decoy that looks like a document up on the screen, so users thinks they’re looking at a doc. Tit then stops the Word program to hide a warning that would normally appear because of the link.” (Fuscaldo, 2017). Once the HTA program has been downloaded “the HTA can run whatever it wants in the context of the local user. According to McAfee, the exploit works on all versions of windows, including Windows ten. It works on all versions of Office, including 2016.” (Fuscaldo, 2017). found it interesting reads referenced a couple different sources on this paper I will post them here for more reading.

    Fuscaldo, D. (2017). Microsoft Word Target of Zero-Day Malware Attack. INVESTOPEDIA.
    Leonhard, W. (2017). Word zero-day affects all versions of Office and Windows. InfoWorld.
    Whittaker, Z. (2017). Hackers are attacking Word users with new Microsoft Office zero-day vulnerability. ZDNet.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?