Russian hackers exploit Windows bug

http://www.isightpartners.com/2014/10/cve-2014-4114/

An exposed dangerous method vulnerability exists in the OLE package manager in Microsoft Windows and Server
Impacting all versions of the Windows operating system from Vista SP2 to Windows 8.1
Impacting Windows Server versions 2008 and 2012

When exploited, the vulnerability allows an attacker to remotely execute arbitrary code

The vulnerability exists because Windows allows the OLE packager (packager.dll) to download and execute INF files. In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packager allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources.

This will cause the referenced files to be downloaded and, in the case of INF files, to be executed with specific commands.

An attacker can exploit this vulnerability to execute arbitrary code but will need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it
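
A defender-side heuristic for the behaviour described in the quoted advisory, added here as an example and not part of the original thread or the iSIGHT write-up: it lists UNC paths found inside a presentation's embedded OLE objects and flags those ending in .inf. The `ppt/embeddings/` location, the plain byte-pattern matching (no OLE parsing), the host name and the sample file are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# \\host\share\...\name as single-byte text; a path ends at a NUL or control byte.
UNC_RE = re.compile(rb'\\\\[\w.-]{1,253}(?:\\[^\\\x00-\x1f"<>|:*?]{1,255})+')
MAX_MEMBER = 16 * 1024 * 1024  # skip oversized members instead of inflating them

def scan_presentation(data):
    """Return sorted (member, unc_path, is_inf) tuples for embedded OLE objects."""
    findings = set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Assumption: embedded OLE objects of an OOXML deck live here.
            if not info.filename.lower().startswith("ppt/embeddings/"):
                continue
            if info.file_size > MAX_MEMBER:
                continue
            blob = zf.read(info)
            # Raw bytes catch ANSI strings; the two strided views catch
            # UTF-16LE strings that start at even or odd offsets.
            for view in (blob, blob[0::2], blob[1::2]):
                for m in UNC_RE.finditer(view):
                    path = m.group().decode("latin-1")
                    findings.add((info.filename, path, path.lower().endswith(".inf")))
    return sorted(findings)

def build_sample():
    """Constructed test file: not a real presentation, only the zip layout."""
    ansi = b"\x02\x00setup.inf\x00" + rb"\\fileserver.example\share\setup.inf" + b"\x00"
    wide = b"\x00" * 4 + r"\\fileserver.example\share\image.gif".encode("utf-16-le") + b"\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/embeddings/oleObject1.bin", ansi)
        zf.writestr("ppt/embeddings/oleObject2.bin", wide)
        # Outside ppt/embeddings/, so the scanner ignores it.
        zf.writestr("ppt/slides/slide1.xml", rb"<p>\\fileserver.example\share\notes.txt</p>")
    return buf.getvalue()

if __name__ == "__main__":
    for member, path, is_inf in scan_presentation(build_sample()):
        print("ALERT" if is_inf else "review", member, path)
```

A hit is only a triage signal: any embedded object that points at a remote share deserves a look, and an INF target matches the pattern the advisory describes.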
 
Knowing the Russians they'll do something stupid like post "I vant to **** jor muvver" on the hacked pc.
 
the contents of phishing emails used to infect computers with tainted files

It has never been more important to educate users and also for the users themselves to use their common reasoning
 