Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hackers use ‘Double Tap’ to exploit Windows OLE Automation Array


  • Please log in to reply
No replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 11,671 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:07:14 AM

Posted 25 November 2014 - 08:55 PM

 

Researchers at FireEye have discovered that a known cyber criminal group APT3 aka UPS have started utilizing recently revealed vulnerabilities  to target Windows machines.  FireEye notes that the group has initiated attacks on 19th November 2014 targeting multiple high profile organizations. APT3 aka UPS have successfully used multiple Windows exploits, targeting both CVE-2014-6332 and CVE-2014-4113.  The CVE-2014-6332 vulnerability was was disclosed publicly on 2014-11-11 and is a Windows OLE Automation Array Remote Code Execution flaw while CVE-2014-4113 is a privilege escalation vulnerability that was disclosed publicly on 2014-10-14. This group is the same one that was behind  “Operation Clandestine Fox” which had inflicted considerable damage back in April 2014.

Hackers use ‘Double Tap’ to exploit Windows OLE Automation Array Remote Code Execution Flaw

BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users