CVE-2017-11774

Introduction

Attackers are currently trying to exploit an old vulnerability in Microsoft Outlook that was found in 2017 (CVE-2017-11774).

The vulnerability was discovered by Sensepost, which reported it to Microsoft in 2017. As a result, Microsoft released a patch for the flaw to the public around October 2017.

According to the Department of Homeland Security Cybersecurity and Infrastructure Security Agency:

This can be a way for the attacker to install malware on the victims' network.

How does the malware work?

It allows the attacker to install and run malware in the Outlook sandbox, where the attacker can also run any other malicious code that resides on the operating system.

According to Sensepost's analysis, the only remedy for this vulnerability is patching the system. Security practices that strengthen the defense are also advisable, such as adding multi-factor authentication as a line of defense.

In 2018, the vulnerability was reported as being exploited by APT33 (Iranian hackers) despite the patch made in October 2017. However, there are unpatched systems, where the attacker took advantage of the bug to run commands on the victims' systems.

To exploit the flaw, the attacker uses brute-force attacks that take advantage of weak passwords, targeting multiple accounts at the same time.

Previously, in June, DHS warned that Iranian hackers were targeting US networks with wiper malware. This will affect the relationship between the two countries.
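The brute-force pattern described above, weak passwords tried against many accounts at the same time, leaves a different trace in authentication logs than repeated guessing against one account. The following detection logic is an added example, not part of the original article or its source; the log format, the sample lines, the 5-minute window and the 5-account threshold are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines in a hypothetical format (not from a real product).
SAMPLE_LOG = """\
2019-07-02T10:00:01 FAIL user=alice src=203.0.113.5
2019-07-02T10:00:03 FAIL user=bob src=203.0.113.5
2019-07-02T10:00:04 FAIL user=carol src=203.0.113.5
2019-07-02T10:00:05 FAIL user=dave src=198.51.100.7
2019-07-02T10:00:06 FAIL user=dave src=198.51.100.7
2019-07-02T10:00:07 FAIL user=erin src=203.0.113.5
2019-07-02T10:00:09 FAIL user=frank src=203.0.113.5
2019-07-02T10:00:10 OK user=frank src=203.0.113.5
2019-07-02T10:00:11 FAIL user=dave src=198.51.100.7
2019-07-02T10:20:00 FAIL user=alice src=192.0.2.10
2019-07-02T10:20:30 OK user=alice src=192.0.2.10
""".splitlines()

LINE_RE = re.compile(r"^(\S+) (FAIL|OK) user=(\S+) src=(\S+)$")

def detect_spray(lines, window=timedelta(minutes=5), min_accounts=5):
    """Flag sources that fail logins on many distinct accounts within one window."""
    recent = defaultdict(deque)  # src -> (time, user) failures still inside the window
    flagged = {}                 # src -> {"accounts": set, "compromised": set}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that do not match the assumed format
        ts, result, user, src = m.groups()
        t = datetime.fromisoformat(ts)
        if result == "OK":
            # A success from an already-flagged source suggests a guessed password.
            if src in flagged:
                flagged[src]["compromised"].add(user)
            continue
        q = recent[src]
        q.append((t, user))
        while q and t - q[0][0] > window:
            q.popleft()  # drop failures that fell out of the sliding window
        accounts = {u for _, u in q}
        if len(accounts) >= min_accounts:
            flagged.setdefault(src, {"accounts": set(), "compromised": set()})
            flagged[src]["accounts"] |= accounts
    return {s: {k: sorted(v) for k, v in d.items()} for s, d in flagged.items()}

if __name__ == "__main__":
    print(detect_spray(SAMPLE_LOG))
```

Repeated failures against a single account (198.51.100.7 in the sample) and an ordinary mistyped password (192.0.2.10) stay below the distinct-account threshold and are not flagged.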

Source: DHS Warns Hackers Exploiting Microsoft Outlook Vulnerability

Author: Wan Ariff

He has more than 2 years of working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion lies mainly in IT Security.
