Google
Current archive: October 22, 2014
Windows OLE RCE Exploit MS14-060 (CVE-2014-4114) – Sandworm
Written on:October 22, 2014
This recent exploit (dubbed “Sandworm”) took advantage of a vulnerability in which a specially crafted OLE object could allow remote code execution. In the case of the live sample exploit PPSX file I examined, it automatically downloaded the payload from a remote SMB share. I won’t rehash much of the details that others have covered but if you want to read more, here are some resources: Microsoft Security Bulletin: https://technet.microsoft.com/en-us/library/security/ms14-060.aspx Original Discovery by…
Read more...
are closed