Critical Word 0-day is only 1 of 3 Microsoft bugs under attack

by
Dan Goodin
from Ars Technica - All content on (#2JSKK)
GettyImages-89458836-800x533.jpg

Enlarge (credit: Stephen Brashear / Getty Images News)

A zero-day code-execution vulnerability in Microsoft Office is one of three critical flaws under active attack in the wild, Microsoft warned Tuesday as it rolled out a batch of updates that plug the security holes.

As Ars reported Monday night, attackers are exploiting the flaw to infect unsuspecting Word users with bank-fraud malware known as Dridex. Blog posts published Tuesday morning by security firms Netskope and FireEye reported that attackers are exploiting the same bug to install malware with the names Godzilla and Latenbot.

Ryan Hanson, a researcher at security firm Optiv and the person Microsoft credited with reporting the critical bug, said exploits can execute malicious code even when a mitigation known as Protected View isn't disabled. The attacks are able to bypass other exploit mitigations as well. Microsoft's fix for CVE-2017-0199, as the flaw is indexed, is here.

Read 3 remaining paragraphs | Comments

index?i=8XigBgFoPLg:gb-uuOb53MA:V_sGLiPB index?i=8XigBgFoPLg:gb-uuOb53MA:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments