Red Security

Quote:A new zero-day exploit for Windows VBScript Engine discovered that belongs to North Korean cyber criminals gang called Darkhotel which is the same gang behind another Zero-day flaw “double kill” that affected IE browser. This new zero-day attack spotted in July by security researchers from Trend Micro that helps to exploit the code execution vulnerability in Windows VBScript Engine.

Researchers discovered that, this Zero-day using Microsoft Office Document with an embedded domain name "http ://windows-updater[.]net/stack/ov.php?w= 1\x00who =1"