Wednesday, 12 April 2017

Microsoft Office Zero-Day Patched After Months of Attacks

Microsoft released a security update for a flaw in the OLE API that affects most versions of Microsoft Word. Microsoft today patched a critcial zero-day vulnerability in Microsoft Office/WordPad that attackers had been exploiting in the wild for months. CVE-2017-0199 is a remote code execution vulnerability in the Windows Object Linking and Embedding (OLE) application programming interface. The vulnerability already had been weaponized in attacks to distribute the Dridex banking Trojan, as a botnet payload, and in a cyber espionage campaign.

View full story

ORIGINAL SOURCE: Dark Reading

The post Microsoft Office Zero-Day Patched After Months of Attacks appeared first on IT SECURITY GURU.



from Microsoft Office Zero-Day Patched After Months of Attacks

No comments:

Post a Comment