We have discovered a new exploit (CVE-2012-0158) in APT emails!
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0158
This RTF vulnerability was just patched on Apr. 10 as MS12-027.
Microsoft Security Bulletin MS12-027 - Critical: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
http://technet.microsoft.com/en-us/security/bulletin/ms12-027
RTF File:
At this moment, the new exploit enjoys a very low AV detection rate
on VirusTotal, with only 2 out of the 42 antivirus engines flagging it as malicious.
VirusTotal Report:
APT Group Graph generated by XecScan
XecScan http://scan.xecure-lab.com/
The Xecure Lab Scanner (XecScan) gives the security community and the general public on-demand analysis of any suspicious document file, with no installation or registration required. Though it's free, XecScan is capable of finding advanced malware, zero-day, and targeted APT attacks embedded in common file formats.