New Zero-day Double Kill malware in the wild, spreads via infected Office documents

Home » News

Reading time icon 1 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Chinese security company Qihoo 360 has discovered a new form of malware currently in the wild which is actively exploiting a zero-day flaw in Internet Explorer to install a backdoor trojan on the PC of Windows users.

Users do not need to be actively using Internet Explorer as the web page comes embedded in the infected Office document.

Qihoo 360 notes that after the user opens the document, all exploit code and malicious payload are loaded through the remote server. The late exploit phase of the attack uses a public UAC bypass technique and uses file steganography and memory reflection loading to avoid traffic monitoring and fileless loading.

Microsoft has been notified of the issue and Qihoo 360 recommends users not open Office documents from unknown sources and in particular to use security software, as no patch is available yet.

Via Winfuture.de

More about the topics: double kill, internet explorer, security, windows 10

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.

Leave a Reply

Your email address will not be published. Required fields are marked *