By John Stevenson

The latest exploit concealed in business content that makes use of Office documents to deliver its payload has been discovered by a Chinese cybersecurity firm.

The exploit, dubbed "double kill", is an Internet Explorer exploit that is used to infect machines through malicious Microsoft Office documents.

The zero-day prompts the user to open a malicious Microsoft Office document that contains a link to a website. The exploit is designed to deliver a malware payload that takes advantage of a User Account Control (UAC) bypass technique, file steganography (Stegware) and fileless execution to install backdoor Trojans or take control of the machine.

It's an advanced threat, and Microsoft has yet to issue a formal response, let alone a patch. However, Deep Secure customers can relax in the knowledge that “double kill” is totally destroyed by Deep Secure Content Threat Removal, and the onus doesn’t fall on the user to avoid the exploit or on IT to issue Microsoft’s patch as a matter of urgency.

With Deep Secure solutions you can go beyond detection, transform the content and remove the threat. Job done.
