By Eduard Kovacs on November 21, 2014
Security companies have started detecting attacks that leverage a critical remote code execution (RCE) vulnerability in Windows, which Microsoft patched last week.
Of the 14 security bulletins released by Microsoft on November 11, MS14-064 is one of the most important. The bulletin addresses a Windows Object Linking and Embedding (OLE) automation array RCE flaw (CVE-2014-6332), and a Windows OLE RCE bug (CVE-2014-6352).
CVE-2014-6352 had already been exploited in limited attacks when Microsoft released the patch, and experts have found that CVE-2014-6332 is also being exploited in the wild.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.