Hackers use ‘Double Tap’ to exploit Windows OLE Automation Array Remote Code Execution Flaw
Researchers at FireEye have discovered that APT3 (aka UPS), a known cyber criminal group, has started using recently revealed vulnerabilities to target Windows machines. FireEye notes that the group initiated attacks on 19th November 2014, targeting multiple high-profile organizations. APT3 has successfully used multiple Windows exploits, targeting both CVE-2014-6332 and CVE-2014-4113. CVE-2014-6332, a Windows OLE Automation Array Remote Code Execution flaw, was disclosed publicly on 2014-11-11, while CVE-2014-4113, a privilege escalation vulnerability, was disclosed publicly on 2014-10-14. This is the same group that was behind “Operation Clandestine Fox”, which inflicted considerable damage back in April 2014.