Source |
Security Affairs |
Identifiant |
4894972 |
Date de publication |
2022-05-30 12:06:51 (vue: 2022-05-30 13:05:29) |
Titre |
Multiple Microsoft Office versions impacted by an actively exploited zero-day |
Texte |
>A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell […]
|
Envoyé |
Oui |
Condensat |
“05 “ms 0438 2022 achieve actively arbitrary attackers belarus code could cybersecurity day discovered doc” document execute execution exploited fetch flaw from html impacted malicious microsoft msdt” multiple nao office powershell researcher scheme sec systems template feature then the remote uploaded uses versions virustotal windows word zero |
Tags |
|
Stories |
|
Notes |
|
Move |
|