DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 23, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 57 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Malware now spreading via Word files without macros

Posted on Monday, November 13 2017 @ 07:45:44 CET by


MS logo
Security researchers from Trend Micro warn that hacker group Fancy Bear is targeting Microsoft Office with a new attack that does not rely on macros.

The technique abuses Dynamic Data Exchange (DDE), a feature to execute code stored in another file and that also allows apps to send updates as new data becomes available. The method may allow the installation of malware without detection by anti-virus programs.
In a blog post published Tuesday, Trend Micro researchers said Fancy Bear was sending a document titled IsisAttackInNewYork.docx that abused the DDE feature. Once opened, the file connects to a control server to download a first-stage of piece of malware called Seduploader and installs it on a target's computer. DDE's potential as an infection technique has been known for years, but a post published last month by security firm SensePost has revived interest in it. The post showed how DDE could be abused to install malware using Word files that went undetected by anti-virus programs.
Before the malicious payload can be executed, users will have to click two warning screens in Office. Microsoft posted a security advisory over here, it includes some mitigation tips.

Via: ARS Technica



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba