Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote malicious users to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
Vulnerable Product |
---|
microsoft windows vista |
microsoft windows server 2008 |
microsoft windows rt - |
microsoft windows 8.1 - |
microsoft windows 8 - |
microsoft windows server 2008 r2 |
microsoft windows 7 - |
microsoft windows server 2012 - |
microsoft windows server 2012 r2 |
microsoft windows rt 8.1 - |
Github, your ticket to world domination
The ultimate copy paste slacker hacker group has busted security controls in some 2500 corporates and government agencies using nothing but stolen code. The targets focus on those affiliated with military and political assignments around Southeast Asia and the contentious South China Sea, and may have been compromised in a little over six months. The group dubbed Patchwork for its use of multiple proof-of-concept and tools is detailed by researchers with Israeli deceptive infosec firm Cymmetria ...
From espionage to cybercrime
The Sandworm vulnerability is being actively abused to attack Swiss banking customers, Danish security consultancy CSIS has warned. CSIS reports that the attacks are pushing the latest version of the Dyre banking trojan. Attacks arrive as spam emails under the guise of information about unpaid invoices. In reality the PowerPoint attachment to these messages is booby-trapped to exploit the Sandworm vulnerability and infect insecure Windows PCs. Sandworm first reared its ugly head earlier this mon...
Might put out patch in update, might chuck it out sooner
Hackers are exploiting a zero-day vulnerability in Windows using malicious PowerPoint documents, Microsoft and security firms warn. An advisory from Microsoft warns that the as-yet-unpatched flaw is present in all supported versions of Windows except Windows Server 2003 and has already been abused in "limited, targeted attacks". The bug (CVE-2014-6352) can be triggered by sending specially crafted Microsoft Office files to intended targets before tricking them into opening the booby-trapped fi...
Update (2014.10.15) – administrative notes for preparation… Friends on Twitter let me know their update cycle took close to 20 minutes on Windows 7. Yesterday, others on 8.1 told me their update download was around a gig, for some it was ~200 mb. Also, this cycle likely requires everyone to reboot to complete. ******* This morning was possibly one of the most information rich in the history of Microsoft’s patch Tuesdays. Last month, we pointed out the Aurora Panda/DeputyDog actor was l...
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Russian hackers have exploited a zero-day vulnerability in Microsoft Windows to hijack and snoop on PCs and servers used by NATO and the European Union, says security biz iSight. The software flaw is present in desktop and server flavors of the Redmond operating system, from Vista and Server 2008 to current versions. No patch for the hole exists yet, but is expected to be fixed in today's Patch Tuesday update from Microsoft. iSight has dubbed the vulnerability (CVE-2014-4114) “SandWorm”, an...