Lucene search
K

123 matches found

Qualys Blog
Qualys Blog
added 2017/12/12 7:27 p.m.64 views

December Patch Tuesday: Quiet End to the Year

This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based. Overall, this month's updates address are fixes for 3...

9.3CVSS8.5AI score0.45521EPSS
Exploits6
Talos Blog
Talos Blog
added 2017/12/12 3:32 p.m.174 views

Microsoft Patch Tuesday - December 2017

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 34 new vulnerabilities with 21 of them rated critical and 13 of them rated important. These vulnerabilities...

9.3CVSS1AI score0.68491EPSS
Exploits38
Microsoft CVE
Microsoft CVE
added 2017/12/12 8:0 a.m.133 views

Microsoft Office Defense in Depth Update

Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. The update disables the Dynamic Data Exchange protocol DDE in all supported editions of Microsoft Word. Microsoft is continuing to investigate this issue and will update this...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2017/12/07 3:40 a.m.17 views

Microsoft Office DDE Payload Delivery

This module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

0.9AI score
Exploits0
Kitploit
Kitploit
added 2017/11/23 9:6 p.m.14 views

DDEtect - Simple DDE Object Detector

Written by Amit Serper, @0xAmit DDEtector is a simple DDE object detector written in python Currently supports only word DOCX and legacy DOC files Prints the contents of the DDE payloads Note: In some cases DDEtect won't print the entire DDE payload. I'm working on writing a better matching...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/10 12:0 a.m.136 views

Microsoft Excel 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440)

This host is missing an important security update according to Microsoft Security Advisory 4053440. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/10 12:0 a.m.43 views

Microsoft Outlook 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440)

This host is missing an important security update according to Microsoft Security Advisory 4053440. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.2AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/11/10 12:0 a.m.16 views

Microsoft Publisher 'Dynamic Data Exchange (DDE)' Attacks Security Advisory (4053440)

This host is missing an important security update according to Microsoft Security Advisory 4053440. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/11/09 9:15 a.m.15 views

Microsoft Provides Guidance on Mitigating DDE Attacks

Despite a rash of attacks leveraging Dynamic Data Exchange fields in Office, including some spreading destructive ransomware, Microsoft has remained insistent that DDE is a product feature and won’t address it as a vulnerability. Microsoft on Wednesday did, however, put some guidance in admins’...

Exploits0References5
CISA
CISA
added 2017/11/09 12:0 a.m.13 views

Microsoft Releases Security Advisory on Dynamic Data Exchange (DDE)

Microsoft has released an advisory that provides guidance on securing Dynamic Data Exchange DDE fields in Microsoft Office applications. Exploitation of this protocol may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Microsoft...

6.6AI score
Exploits0References2
The Hacker News
The Hacker News
added 2017/11/08 10:7 p.m.22 views

Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit

Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of...

7.3AI score
Exploits0
Hacker One
Hacker One
added 2017/10/24 9:25 p.m.26 views

X (Formerly Twitter): OS Command Execution on User's PC via CSV Injection

Summary: Twitter is vulnerable to CSV Injection. If an attacker can successfully exploit this, then they will compromise the PC of the user. The injection point is via a tweet on the main twitter.com site while the retrieval point is via the “Export Data” option on the analytics site. Description...

7.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/23 5:24 p.m.23 views

A week in security (October 16 – October 22)

Last week was an eventful one in security, keeping our research and intel teams on their toes. Multiple security researchers homed in on suspicious and malicious apps on Google Play, affecting thousands of Android users. A new variant of Mac malware Proton was also found in the wild, this time...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/10/20 12:5 p.m.10 views

Necurs-Based DDE Attacks Now Spreading Locky Ransomware

Microsoft may soon have to reflect on its stance that the use of an Office feature called DDE to execute code on compromised computers doesn’t merit a patch. The SANS Internet Storm Center last night said the Necurs botnet has been spreading Locky ransomware using the DDE attack. Handler Brad...

7.4AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2017/10/20 12:0 a.m.3 views

Microsoft Office DDE Remote Code Execution

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to the DDE feature that allows an Office application to load data from other Office applications. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted ema...

3.4AI score
Exploits0
The Hacker News
The Hacker News
added 2017/10/19 11:7 p.m.13 views

Unpatched Microsoft Word DDE Exploit Being Used In Widespread Malware Attacks

A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange DDE, to perfor...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/17 3:0 p.m.41 views

Old MS Office feature weaponized in malspam attacks

There have been a lot of talks recently following a write up and proof of concept about a Microsoft Office feature that can be misused and weaponized by malicious actors. The protocol, known as Dynamic Data Exchange.aspx DDE, has actually been around for a long time, and allows applications to...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2017/10/13 9:0 a.m.12 views

Legacy Office Feature Used In Novel Document Attacks

Recent document-based attacks have leveraged malicious macros that if enabled install malware. But, researchers at SensePost have developed a proof-of-concept attack that does not require macros and instead uses an old Microsoft Office feature called Dynamic Data Exchange to execute code on...

0.8AI score
Exploits0References5
The Hacker News
The Hacker News
added 2017/10/12 12:6 a.m.14 views

MS Office Built-in Feature Allows Malware Execution Without Macros Enabled

Since new forms of cybercrime are on the rise, traditional techniques seem to be shifting towards more clandestine that involve the exploitation of standard system tools and protocols, which are not always monitored. Security researchers at Cisco's Talos threat research group have discovered one...

7.8AI score
Exploits0
seebug.org
seebug.org
added 2017/10/12 12:0 a.m.34 views

Macro-less Code Exec in MSWord

Authors: Etienne Stalmans, Saif El-Sherei What if we told you that there is a way to get command execution on MSWord without any Macros, or memory corruption?! Windows provides several methods for transferring data between applications. One method is to use the Dynamic Data Exchange DDE protocol...

7.5AI score
Exploits0
Rows per page
Query Builder