Microsoft Office is becoming a starting point for exploitation is not a challenge anyone wants to win. Tragically for Microsoft, Office is becoming platform for exploiting vulnerabilities, according to latest report from Menlo Security.
Malicious Microsoft Office documents attached to emails as an mean to deliver a malicious payloads is not new, but according to reports it is very effective.
Indeed, even while the reports were being made, another zero-day misuse – CVE-2018-5002 – was unveiled, all while two Flash zero-day vulnerabilities kept being exploited out there.
“There is likely to be an increase in attacks via malevolent email attachments using stealthily embedded, remotely hosted malicious components that leverage application and operating system vulnerabilities, both old and new,” the report stated.
The experts found that all ongoing zero-day attacks have been conveyed through Microsoft Word. “With CVE-2018-8174 and CVE-2018-5002, the attackers leveraged Word as a vector to exploit Adobe Flash Player and Internet Explorer. By using Word as the vector, the attackers were able to exploit a browser, even if it is not the default browser, and exploit Flash, even though Flash is blocked by most enterprises,” according to the report.
“Microsoft is therefore undoubtedly going to become the platform that attackers leverage most to deliver their zero-day exploits,” it is concluded in the report.
Kali Linux for Raspberry Pi 4 Relased
Offensive Security just introduced Kali Linux for Raspberry Pi 4, completely upgraded and re-engineered. This is the first model with…
Magic Eye Enables Robots To Improve Their Object Discovering Capacity
Another MIT-created procedure empowers robots to rapidly distinguish items covered up in a three-dimensional haze of information, reminiscent of how…
3 Cybersecurity Conferences of 2019 You Must Attend
As we know security takes a team, and it’s a journey. Boost your security approach by networking and knowledge sharing. Defcon When: 9-11 August, 2019…
Macrocomm announced as sponsor of IoT Forum Africa 2019
Macrocomm has been announced as a Bronze Sponsor of the Internet of Things Forum Africa 2019. This year, IoT Forum…