Hackers Weaponize Unpatched Microsoft Flaw to Target NATO Summit Attendees

by | Jul 12, 2023 | News

Hackers Weaponize Unpatched Microsoft Flaw to Target NATO Summit

Post Views: 472

Premium Content

Patreon
Subscribe to Patreon to watch this episode.
Reading Time: 3 Minutes
Microsoft warned customers today that an unpatched security vulnerability in Windows and Office is being exploited in the wild to hack into computer systems. The flaw, tracked as CVE-2023-36884, can be exploited without requiring any user interaction to gain full control of a system.
 
The vulnerability was used in recent targeted cyberattacks against attendees of the NATO summit, according to Microsoft. The company said it is working on patches to fix the flaw but that mitigations are available in the meantime.
 
The attacks used malicious Word documents posing as communications from a Ukrainian organization to install malware on victims’ computers, cybersecurity researchers report. If successful, the exploit allows hackers to run their own code on a system to access data, install ransomware, or conduct other malicious activities.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

“This is achieved by leveraging the specially crafted document to execute a vulnerable version of MSDT, which in turn allows an attacker to pass a command to the utility for execution,” BlackBerry researchers said in a report.
 
The latest campaign shows “the actor’s latest campaign detected in June 2023 involved abuse of CVE-2023-36884 to deliver a backdoor with similarities to RomCom,” Microsoft said. RomCom is a malware linked to a Russian cybercriminal group that was previously tied to ransomware attacks using the Industrial Spy and Underground ransomware.
 
Underground ransom noteUnderground ransom note (BleepingComputer)
 

Trending: The Rise and Fall of Sabu: From Hacker Hero to FBI Informant

Trending: Recon Tool: Logsensor

Until official patches are released, Microsoft recommends enabling certain security features that can help block this type of attack. The company says it will likely release updates to fix the flaw as part of its normal monthly “Patch Tuesday” updates or through an out-of-band security update.

Trending: DDoSia Attack Tool Upgraded with Encryption, Concealed Targeting

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This