Author: Zeljka Zorz, HNS Managing Editor / Posted on 21 November 2014.
Last week, in its regular Patch Tuesday, Microsoft patched a number of serious vulnerabilities, including one that is nearly two decades old, dating back to Microsoft IE 3.0.
Discovered by the IBM X-Force Research team, the bug (CVE-2014-6332) can be exploited in drive-by attacks to take over the user’s machine, as it allows attackers to sidestep the Enhanced Protected Mode sandbox in IE 11 as well as Microsoft's free EMET anti-exploitation tool.
It didn't take long for someone to make publicly available a proof-of-concept exploit for the flaw, and it took even less time for this particular exploit code to be modified and used by cyber criminals.
ESET researchers have spotted an active malware delivery campaign using the exploit to target users who visited a specific web page (about TV Reality show winners) on a popular Bulgarian news agency website.
"Strangely, the exploit is actually present two times consecutively," they shared. But the delivered payload is the same in both cases: a file named natmasla.exe.