reference: http://www.isightpartners.com/2014/10/cve-2014-4114/
An update that just cannot be missed this time around is MS14-060, this is a zero day exploit that can give an attacker remote access to your computer through the use of a Malicious Office Document.
This affects all supported versions of Microsoft Windows and Windows Server 2008 and 2012 has been discovered and announced by iSIGHT Partners in collaboration with Microsoft. A patch has been made available for the vulnerability as of Tuesday, October 14.
MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869) — An attacker who convinced a user to open a malicious Office document could gain remote code execution.
Visible Targets
Visibility into this campaign indicates targeting across the following domains. It is critical to note that visibility is limited and that there is a potential for broader targeting from this group (and potentially other threat actors) using this zero-day.
- NATO Ukrainian government organizations
- Western European government organization
- Energy Sector firms (specifically in Poland)
- European telecommunications firms
- United States academic organization
The group has also reportedly used at least five other older vulnerabilities in their attacks with many times chaining exploits as they move through networks.
So far the actual zero-day vulnerability is successfully exploited through PowerPoint, or other attachments. There has not been any indication that the initial exploit attack vector is remote, so it relies on social engineering or tactic to get a file with the malicious code to execute.
- See more at: http://www.isightpartners.com/2014/10/cve-2014-4114/#sthash.kmiaLDli.dpuf
No comments:
Post a Comment