Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
threatpostDennis FisherTHREATPOST:1D743B7D5397A9D33A091396D1D95BDB
HistoryJul 13, 2009 - 6:53 p.m.

New Flaw in Microsoft Office Web Components Under Attack

2009-07-1318:53:30
Dennis Fisher
threatpost.com
89

0.974 High

EPSS

Percentile

99.9%

JSON

From SearchSecurity (Robert Westervelt)

Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is in the Spreadsheet ActiveX Control, which is used by Internet Explorer (IE) to display the data in the browser. It is remotely exploitable when a person browses with IE and visits a malicious website. If successfully exploited, an attacker could gain the same user rights as the local user and gain complete control of a system, Microsoft said. Read the full story [SearchSecurity].

Related

securelist 10
threatpost 161
myhack58 2
talosblog 2
mssecure 1
exploitpack 1
checkpoint_advisories 1
malwarebytes 2
metasploit 1
thn 8
hivepro 1
mskb 3
cisa_kev 1
packetstorm 1
zdt 1
symantec 1
openvas 2
ics 1
securelist
securelist
Spam and phishing in Q2 2018
2018-08-14 10:00:36
Spam and phishing in 2018
2019-03-12 10:00:16
Spam and phishing in Q2 2020
2020-08-07 10:00:07
threatpost
threatpost
Targeted Spy Campaign Hits Russian Service Centers
2018-06-07 19:43:35
Zusy Malware Installs Via Mouseover – No Clicking Required
2017-06-07 14:36:01
HA-CFI Technique Checks Mitigation Bypasses Earlier
2016-08-01 13:00:22
myhack58
myhack58
Wary of the use of the Office vulnerabilities to spread commercial spyware AgentTesla-vulnerability warning-the black bar safety net
2019-05-28 00:00:00
The use of a posture clear odd 11882 format overflow document analysis-vulnerability warning-the black bar safety net
2018-11-09 00:00:00
talosblog
talosblog
It's alive: Threat actors cobble together open-source pieces into monstrous Frankenstein campaign
2019-06-05 00:45:28
New HawkEye Reborn Variant Emerges Following Ownership Change
2019-04-16 11:45:39
mssecure
mssecure
In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks
2019-10-08 15:00:11
exploitpack
exploitpack
Microsoft Office - OLE Remote Code Execution
2017-11-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption Remote Code Execution (CVE-2017-11882)
2017-11-21 00:00:00
malwarebytes
malwarebytes
Microsoft is now disabling Excel 4.0 macros by default
2022-01-24 15:39:51
FormBook spam campaign targets citizens of Ukraine️
2022-03-09 19:35:09
metasploit
metasploit
Microsoft Office CVE-2017-11882
2017-11-21 19:47:02
thn
thn
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
2023-11-21 11:57:00
U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators
2024-02-11 10:54:00
LodaRAT Windows Malware Now Also Targets Android Devices
2021-02-10 12:18:00
hivepro
hivepro
Cloud Atlas Exploits Six-Year-Old Flaw to Target Russian Companies
2023-12-28 14:23:55
mskb
mskb
Description of the security update for 2007 Microsoft Office Suite: November 28, 2017
2017-11-14 08:00:00
Description of the security update for Office 2016: November 14, 2017
2017-11-14 08:00:00
Description of the security update for Office 2010: November 28, 2017
2017-11-14 08:00:00
cisa_kev
cisa_kev
Microsoft Office Memory Corruption Vulnerability
2021-11-03 00:00:00
packetstorm
packetstorm
Microsoft Office Equation Editor Code Execution
2017-12-06 00:00:00
zdt
zdt
Microsoft Office - OLE Remote Code Execution Exploit
2017-11-21 00:00:00
symantec
symantec
Microsoft Office CVE-2017-11882 Memory Corruption Vulnerability
2017-11-14 00:00:00
openvas
openvas
Microsoft Office 2016 Remote Code Execution Vulnerability (KB4011262)
2017-11-15 00:00:00
Microsoft Office 2013 Service Pack 1 Remote Code Execution Vulnerability (KB3162047)
2017-11-15 00:00:00
ics
ics
LokiBot Malware
2020-10-24 12:00:00

0.974 High

EPSS

Percentile

99.9%

JSON
Related for THREATPOST:1D743B7D5397A9D33A091396D1D95BDB
securelist10threatpost161myhack582talosblog2mssecure1exploitpack1checkpoint_advisories1malwarebytes2metasploit1thn8hivepro1mskb3cisa_kev1packetstorm1zdt1symantec1openvas2ics1