Microsoft PowerPoint Vulnerable to Zero-Day Attack

Microsoft PowerPoint Vulnerable to Zero-Day Attack
It seems that there is no end to the Windows zero-days, as recently Microsoft patched three zero-day vulnerabilities in Windows which were actively exploited in the wild by hackers, and now a new Zero-day vulnerability has been disclosed affecting all supported releases of Windows operating system, excluding Windows Server 2003.
Microsoft has issued a temporary security fix for the flaw and also confirmed that the zero-day flaw is being actively exploited by the hackers through limited, targeted attacks using malicious Microsoft PowerPoint documents sent as email attachments.
According to the Microsoft Security Advisory published on Tuesday, the zero-day resides within the operating system’s code that handles OLE (object linking and embedding) objects. OLE technology is most commonly used by Microsoft Office for embedding data from, for example, an Excel spreadsheet in a Word document.

The vulnerability (designated as CVE-2014-6352) is triggered when a user is forced to open a PowerPoint files containing a malicious Object Linking and Embedding (OLE) object. For now on, only PowerPoint files are used by hackers to carry out attacks, but all Office file types can also be used to carry out same attack.
"The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user," the advisory explained.
By gaining same rights as a logged-in user, an attacker could infect victim’s computer by installing other malicious programs on it. According to the software giant, some attacks that compromise accounts without administrator rights may pose less of a risk.
Microsoft has released a Fix it "OLE packager Shim Workaround" which will stop the known PowerPoint attacks. But it is not capable to stop other attacks that might be built to exploit this vulnerability. Also, the Fix it is not available for 64-bit editions of PowerPoint on x64-based editions of Windows 8 and Windows 8.1.
Meanwhile, Microsoft also urged Windows users to pay attention to the User Account Control (UAC) prompt, a pop-up alerts that require authorization before the OS is allowed to perform various tasks, which would warn a user once the exploit starts to trigger – asking permission to execute. But, users many times see it as an inconvenience and many habitually click through without a second thought.
"In observed attacks, User Account Control (UAC) displays a consent prompt or an elevation prompt, depending on the privileges of the current user, before a file containing the exploit is executed," Microsoft's advisory states.
Furthermore, Redmond didn't mention an out-of-band patch for the Zero-Day vulnerability, nor did it mention if a patch would be ready by November Security Patch update.
Earlier this month, Microsoft released eight security bulletins, as part of its monthly patch update, fixing three zero-day flaws at the same time. One of which (CVE-2014-4114) was discovered by iSight partners in all supported versions of Microsoft Windows and Windows Server 2008 and 2012 that was being exploited in the "Sandworm" cyberattack to penetrate major corporations' networks.

Comments

Post a Comment

Popular posts from this blog

Image
Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik  reported  the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebR...
Read more
Image
This tutorial will walk you through a step by step guide to crack WPA2 and WPA secured wireless networks. Please note that this is not the Reaver attack. If you want to crack WPA/WPA2 using Reaver then read this post. The process is done by airmon-ng suite. Many steps are same for WEP cracking and WPA/WPA2 too. What You’ll Need For this you will require all the basic things like a computer, spare time, etc. But important things are as follows: BackTrack OS.  Backtrack is a bootable Linux distribution with lots of pen-testing tools and is almost needed for all my tutorials. So, if you have not installed it please read this article on  how to install it. A compatible wireless network adapter.  If you are live booting BackTrack then the internal adapter will work but I recommend an external wireless adapter. Let’s Get Started Step 1:Boot into BackTrack You can use any method to boot into backtrack; like from live cd, VMware, dual boot, etc. So, just boot it fi...
Read more
The tool, named " Safety Check, " will soon be available globally to over 1.32 billion Facebook users on Android, iOS, feature phones and the desktops. The tool is designed to be activated after a natural disaster and by using either the city you lived in or your last location - if you have checked in on “ Nearby Friends ”, it let’s you alert your friends and family that you are safe, while also tracking the status of others. “ In times of disaster or crisis, people turn to Facebook to check on loved ones and get updates, ” wrote the company in a  blog post  about the feature. “ It is in these moments that communication is most critical both for people in the affected areas and for their friends and families anxious for news. ” According to Facebook, this new move is in sake of 2011 earthquake and tsunami disaster took place in Japan when a deadly tsunami set off 30-foot tidal waves that crashed into the shores of Japan, flooding entire cities and damaging nuclear po...
Read more