For a while now, attackers have been ditching malicious macros and OLE objects in favor of the Dynamic Data Exchange (DDE) attack technique to deliver malware via booby-trapped Office documents. Microsoft has published a security advisory containing DDE attack mitigation instructions for both users and admins. Read More
The latest Patch Tuesday (17 October) brought patches for 62 vulnerabilities, including one that fixed СVE-2017-11826 – a critical zero-day vulnerability used to launch targeted attacks – in all versions of Microsoft Office. The exploit for this vulnerability is an RTF document containing a DOCX document that exploits СVE-2017-11826 in the Office Open XML parser. […]
Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the vendor in a responsible manner and provide all the details required for a fix. On October 10, 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero day exploit used […]
Latest Comments