2022-05-30 19:55:22
Multiple Microsoft Office versions impacted by an actively exploited zero-day
A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems.
The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell code.
https://securityaffairs.co/wordpress/131800/hacking/multiple-microsoft-office-versions-zero-day.html
https://www.virustotal.com/gui/file/4a24048f81afbe9fb62e7a6a49adbd1faf41f266b5f9feecdceb567aec096784/detection
https://app.any.run/tasks/713f05d2-fe78-4b9d-a744-f7c133e3fafb/
39 viewsAnonimo501, 16:55