+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Windows VBScript Engine Zero-day Flaw (/showthread.php?tid=711)
Windows VBScript Engine Zero-day Flaw - Mr.Kurd - 08-20-2018
In The Name OF Allah
Al-Salam Alekum
![[Image: OOBdF1534699692.png]](https://i2.wp.com/gbhackers.com/wp-content/uploads/2018/08/OOBdF1534699692.png)
Quote:A new zero-day exploit for Windows VBScript Engine discovered that belongs to North Korean cyber criminals gang called Darkhotel which is the same gang behind another Zero-day flaw “double kill” that affected IE browser. This new zero-day attack spotted in July by security researchers from Trend Micro that helps to exploit the code execution vulnerability in Windows VBScript Engine.https://gbhackers.com/windows-vbscript-engine-zero-day-flaw/amp/
Researchers discovered that, this Zero-day using Microsoft Office Document with an embedded domain name "http ://windows-updater[.]net/stack/ov.php?w= 1\x00who =1"
Wa Salam Alekum