Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
microsoft word 2010 |
||
microsoft word 2003 |
||
microsoft office web apps 2010 |
||
microsoft sharepoint server 2013 |
||
microsoft word viewer |
||
microsoft word 2013 |
||
microsoft office web apps server 2013 |
||
microsoft office 2011 |
||
microsoft office compatibility pack |
||
microsoft sharepoint server 2010 |
||
microsoft word 2007 |
Dropping Elephant (also known as “Chinastrats” and “Patchwork“) is a relatively new threat actor that is targeting a variety of high profile diplomatic and economic targets using a custom set of attack tools. Its victims are all involved with China’s foreign relations in some way, and are generally caught through spear-phishing or watering hole attacks. Overall, the activities of this actor show that low investment and ready-made offensive toolsets can be very effective when combined ...
Download PDF version We have already analyzed the situation with regard to the considerable increase in the number of new domain zones as well as mass generation of spammer domains in these zones, specifically those designed to send out illegitimate mass mailings. The further analysis of spam mailings shows that spammers rely not only on a huge number of new domains which they can change even within one thematic mass mailing, but also on the ways they are implemented in the text. For example, in...
Fear crims who invest in code for dough, not those who put themselves on show
The most infamous advanced persistent threat groups write exploits that fail more often than they work, malware bod Gabor Szappanos says. The malware prober with SophosLabs Hungary office examined 15 exploit writing groups and rated six as having only basic skills. Szappanos found one popular exploit (CVE-2014-1761) used as a performance benchmark given its popularity with crims, failed in 70 percent of attacks that targeted Microsoft Office 2010 users with malicious text documents. "In fact, we...
Chthonic exploits Word bug to hijack browsers, steal passwords
The latest evolution of the online bank account raiding Trojan ZeuS is the webcam-spying Chthonic malware, according to researchers. Chthonic infects Windows PCs, and allows criminals to connect to the compromised PC remotely and command it to carry out fraudulent transactions. The software nasty is targeting customers of more than 150 banks and 20 payment systems in 15 countries. Financial institutions in the UK, Spain, the US, Russia, Japan and Italy are among the most heavily targeted banks. ...
In the fall of 2014, we discovered a new banking Trojan, which caught our attention for two reasons: Kaspersky Lab products detect the new banking malware as Trojan-Banker.Win32.Chthonic. The Trojan is apparently an evolution of ZeusVM, although it has undergone a number of significant changes. Chthonic uses the same encryptor as Andromeda bots, the same encryption scheme as Zeus AES and Zeus V2 Trojans, and a virtual machine similar to that used in ZeusVM and KINS malware. We have seen several ...
Windows giant warns security flaw exploited in wild, but no patch available right now
Microsoft has warned its Word software is vulnerable to a newly discovered dangerous bug – which is being exploited right now in "limited, targeted attacks" in the wild. There is no patch available at this time. The flaw is triggered by opening a maliciously crafted RTF document in the Microsoft Office word processor, or opening it via Outlook, and allows the attacker to execute arbitrary code on the machine. The hole was disclosed by Microsoft on Monday outside the monthly Patch Tuesday cycle...
Vulmon