CYBER NEWS

Windows Zero-Day Exploited in Hackers Attacks

Windows Zero-Day Misused in Hackers AttacksA new zero-day flaw has been actively exploited by cyber-criminals, targeting primarily users on workstations and servers who open files with embedded OLE (Object Linking and Embedding) objects. At the moment, the vulnerability is exploited via PowerPoint files.

OLE objects in this particular case are used to display an Excel Sheet chart within a PowerPoint presentation. Experts explain that OLE vulnerabilities are often misused by cyber criminals for malicious practices, but this particular one is especially threatening, because it affects the latest fully patched Windows versions.

The OLE Vulnerability Exploited in Different Attacks

The flaw can be exploited only with the user’s interaction. In a hypothetical email attack, the malicious file would be attached to the message in a convincing manner so the user would open the OLE containing file, which can be any kind of Microsoft Office file or other third party file types.

In a hypothetical web-based attack, the hackers would create a webpage that contains the malicious PowerPoint or Microsoft Office file to exploit the flaw. Malicious websites or ones that host content provided by users could include specifically designed content that exploits the vulnerability. For this scenario, the hackers would have to convince the user to visit the webpage through the use of a hyperlink that would redirect the victim to the malicious page.

In case of a successful attack the cyber criminals would gain administrative rights over the compromised machine and be able to access, delete or modify data, install programs or create different accounts.

No Patches Available Yet

Microsoft is still working on the matter. So far the company is considering two options – to wait till the next Patch Tuesday in order to plug the hole or to issue and out-of-band patch.

There are a few thing users could do to block known attack vectors:

  • Implement a certain Fix It solution (click for instructions here).
  • Avoid opening Microsoft Office or PowerPoint files from unknown or potentially unsafe sources.
  • Do not download email attachments they are not expecting.

Security vendors are doing their best to close the security hole but until then, hackers will keep on exploiting it for malicious purposes. Yet, the most effective defense mechanism in such cases remains the use of the latest detection technologies.

Avatar

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...