|
|
|
|
|
|
by csandreasen
4263 days ago
|
|
|
From the article: The vulnerability exists because Windows allows the OLE packager (packager .dll) to download and execute INF files. In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packagers allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources. So the process is initiated through a spearphish, and when the file is opened the vulnerability causes the system to download additional code and execute it. |
|
|