Saturday 18 July 2015

Zero-Day Vulnerability In Microsoft Office Used For Cyber-Espionage


Last Tuesday, Microsoft patched a zero-day vulnerability in Office, which recently has been actively used by a group engaged in cyber espionage. The group sent at least one RTF document on the nuclear negotiations with Iran. The document, which was discovered in Georgia, contained an exploit for a critical vulnerability in Microsoft Office 2013 Service Pack 1 and earlier versions of Office.

Once users opened the paper exploits document was replaced by a genuine document with information on the nuclear negotiations. In the background, however, was installed a backdoor that attackers had full control over the computer, says security firm iSIGHT Partners . According to the company, the group behind the attacks also associated with a recently patched zero-day vulnerability in Java that was also used in targeted attacks.

The group would in April two zero-day vulnerabilities in Flash Player and Windows have used and the recently unveiled Flash exploits which was available to the Italian Hacking Team. The group would have to cater for the collection of military and diplomatic intelligence, although telecoms and defense companies have been targeted. The Office leak that the group is used patched by MS15-070 .

No comments:

Post a Comment