Source |
LogPoint |
Identifiant |
5021071 |
Date de publication |
2022-06-07 12:00:40 (vue: 2022-06-07 12:05:57) |
Titre |
Detecting Follina: Microsoft Office remote code execution zero-day |
Texte |
>by Bhabesh Raj Rai, Security ResearchOn May 27, 2022, a security researcher highlighted a malicious document submitted to VirusTotal from Belarus. The document used Microsoft Office's remote template feature to download an HTML file remotely and subsequently load it, which executed a PowerShell payload via the Microsoft Support Diagnostic Tool (MSDT). Adversaries who can exploit [...]
|
Envoyé |
Oui |
Condensat |
2022 >by adversaries belarus bhabesh can code day detecting diagnostic document download executed execution exploit feature file follina: from highlighted html load malicious may microsoft msdt office payload powershell rai raj remote remotely researcher researchon security submitted subsequently support template tool used virustotal which who zero |
Tags |
Tool
|
Stories |
|
Notes |
|
Move |
|