Lucene search
K

7 matches found

hivepro
hivepro
added 2024/07/03 5:35 p.m.3 views

Microsoft MSHTML Flaw the Silent Doorway for MerkSpy Malware

...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/03 9:53 a.m.66 views

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool

Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities,...

8.8CVSS7.3AI score0.96843EPSS
Exploits38
The Hacker News
The Hacker News
added 2022/01/25 2:4 p.m.95 views

Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. The attack is unique as it leverages Microsoft OneDrive as a...

8.8CVSS0.2AI score0.96843EPSS
Exploits38
ThreatPost
ThreatPost
added 2021/09/17 12:7 p.m.75 views

Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang

Criminals behind the Ryuk ransomware were early exploiters of the Windows MSHTML flaw, actively leveraging the bug in campaigns ahead of a patch released by Microsoft this week. Collaborative research by Microsoft and RiskIQ revealed campaigns by Ryuk threat actors early on that exploited the fla...

8.8CVSS7.8AI score0.96843EPSS
Exploits38References10
OSV
OSV
added 2021/09/15 12:15 p.m.2 views

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

8.8CVSS7.5AI score0.96843EPSS
Exploits38References5
NCSC
NCSC
added 2021/09/08 12:0 a.m.4 views

Vulnerability found in Microsoft Windows

A vulnerability has been found in Microsoft Windows' MSHTML component. A malicious party could potentially exploit it to execute arbitrary code under the privileges of a user. To do this, the malicious party needs to get the victim to to open a rogue Office document. Microsoft indicates that ther...

8.8CVSS7.4AI score0.96843EPSS
Exploits38
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.8 views

The vulnerability of the MSHTML mechanism in the Internet Explorer browser and the Microsoft Office suite allows a hacker to execute arbitrary code.

The vulnerability of the MSHTML mechanism in the Internet Explorer browser and the Microsoft Office suite is related to errors in data processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created file...

7.1CVSS7.8AI score0.53202EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder