In order to exploit the vulnerability, an attacker will need to create a file with the .msc extension, containing specially crafted XML content, and then convince an authorized user (for example, using social engineering) to import this file.
As the researchers from Check Point, who discovered the bugs, explained, an attacker can create a file with the Link to Web Address snap-in (link to a web-resource) and include a link to its own server, thus redirecting to a page with malicious code.
“We have successfully managed to insert malicious URL link that contains malicious payloads such as redirection to SMB server that will capture the user NTLM hash”, — report researchers.
In the same way, an attacker can create a file with the ActiveX Control snap-in and save it as an .msc file by changing the string value in the StringsTables section to a malicious URL controlled by it.
According to experts, MMC files are used by system administrators and are not considered antivirus software as malicious. Cybercriminals can take advantage of it to control of a PC with administrator status and further advance over the network.
The problems affect versions of Windows 7, Windows 8.1, Windows 10 and Windows Server 2008 – Windows Server 2019. Microsoft has already fixed vulnerabilities with the release of June service pack. Currently, there are no cases of bugs’ exploitation.
The Microsoft Management Console (MMC) is a tool for opening, creating, and saving administration tools (called MMC consoles) that manage hardware, software, and network components of the MS Windows operating system.
Source: https://research.checkpoint.com
About News-bpudepi.today News-bpudepi.today pop-ups can not launch out of the blue. If you have actually…
About Doguhtam.xyz Doguhtam.xyz pop-ups can not expose out of nowhere. If you have clicked some…
About News-xlixoti.com News-xlixoti.com pop-ups can not introduce out of nowhere. If you have actually clicked…
About Ducesousightion.com Ducesousightion.com pop-ups can not introduce out of the blue. If you have actually…
About News-xlabica.live News-xlabica.live pop-ups can not launch out of the blue. If you have actually…
About Mergechain.co.in Mergechain.co.in pop-ups can not expose out of the blue. If you have clicked…