Exploits of critical Microsoft zero day more widespread than thought
Home | Reviews and Features | Special Reports | Forums |

Results 1 to 2 of 2

Thread: Exploits of critical Microsoft zero day more widespread than thought

  1. #1
    Join Date
    Mar 2000
    Posts
    27,271

    Exclamation Exploits of critical Microsoft zero day more widespread than thought

    At least two hacker gangs exploit TIFF vulnerability to hijack users' computers.

    The critical Microsoft Windows and Office vulnerability that came to light two days ago is being more widely exploited than previously reported, making it more urgent that end users install a temporary fix right away.

    Early research into the zero-day exploit detected only highly targeted attacks on individuals or companies that were mostly located in the Middle East and South Asia. More often than not, the word "targeted" is used to describe espionage campaigns aimed a particular company or industry. Now, researchers at two security firms have uncovered evidence that the same critical flaw—found in Windows Vista, Windows Server 2008, Microsoft Office 2003 through 2010, and all supported versions of Microsoft Lync—is also being targeted in wider-ranging hacking campaigns being carried out by multiple gangs, including one made up of financially motivated criminals.

    The more recently discovered attacks are being carried out by the same India-based group behind Operation Hangover, a malware campaign first detected earlier this year, researchers from security firm FireEye wrote in a recent blog post. The researchers went on to say that the same attacks—which exploit weaknesses in the way Microsoft code processes TIFF images—is being waged by yet another group, alternately dubbed Arx and Ark, to deliver the Citadel trojan. Citadel is a highly malicious piece of malware that's mostly
    used by criminals to access and liquidate online bank accounts...


    Full story available at the following link,
    Click HERE
    "I know nothing."
    Cheers.

  2. #2
    Join Date
    Feb 2011
    Posts
    367
    Doc

    ____________http://www.microsoft.com/security____________
    \____________________ ____.-.____ ____________________/
    \_____________\ -._)!(_.- /_____________/
    \_______\. ~\ /~ ./_______/
    \_______/

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •