Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group

  • 29 March 2017
  • 0 replies
  • 175 views

Userlevel 7
Badge +54
By Tom Spring March 28, 2017 , 5:12 pm                                           

 Microsoft has released technical details on a zero-day vulnerability being exploited by a little-known APT group known as Zirconium. According to the company the vulnerability (CVE-2017-0005) affects mostly older versions of Windows and can allow an adversary to execute remote code if a user either visits a specially crafted website or opens a rigged document.
 
The vulnerability, outlined Monday in a technical paper by Microsoft, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface). If exploited it could potentially allow an adversary to launch an elevation of privilege attack.
 
Full Article

0 replies

Be the first to reply!

Reply