As a result of a recently discovered bug, hackers are able to execute remote code in all versions of Microsoft’s proprietary MSHTML browser engine without having to install the application. There is a zero-day vulnerability in Microsoft Word that attackers are taking advantage of by crafting specially crafted documents.
Microsoft’s products such as Skype, Visual Studio, and Microsoft Outlook, as well as several others, also use MSHTML, so the problem really is widespread, since MSHTML is also used by several Microsoft products.
A zero-day vulnerability in a Windows tool has been exploited by hackers via malicious Word documents to be able to compromise networks that have been protected by Microsoft’s workaround for administrators.
The Google-owned antivirus service VirusTotal detected a malicious Word document uploaded on 25 May from a Belarusian IP address on its website that was uploaded on the weekend.
As a result of Kevin Beaumont’s analysis, he discovered that despite macros being disabled, the malicious document – or “malloc” – was able to generate code through the legitimate Microsoft Support Diagnostic Tool (msdt.exe) despite the fact that macros were enabled.
MSDT is accessed through the ms-msdt URL protocol in Windows from the malicious Word document in order to execute the malware. There is now a “troubleshooter pack” available for download from the MSDT website.&n
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: