New Windows Zero-Day Flaw Wreaking Havoc In The Wild

advisory, though. And the company says that it is aware of limited, target attacks against select computers. Cyber espionage, perhaps? The flaw has been labeled (CVE-2014-6352), and Microsoft says that this vulnerability is exploited through PowerPoint documents — OLE is widely used on Microsoft Office in order to create and edit data with information in multiple formats. Microsoft has also rolled out a Fix It solution that takes care of this PowerPoint attack on most Office suites. However, the 64-bit versions of PowerPoint on Windows 8, 8.1, Windows Server 2012, and Server 2012 R2 are not covered with this workaround. Which ultimately makes it somewhat limited. Worryingly, as reported here by McAfee, attackers are still exploiting the OLE packager weakness, the result of which is that a second zero-day has been leveraged, one that goes as (CVE-2014-6352). Fingers crossed for a quick solution from Microsoft on this pressing security concern.]]>

Free Windows 10 Training Videos

More Related Articles

Leave a Reply