Hackers exploit zero-day vulnerability in Microsoft Office sophisticated2. June 2022
Hackers exploit zero-day vulnerability in Microsoft Office sophisticated
San Francisco, 6/2/2022
China-backed hackers have exploited a zero-day vulnerability in Microsoft Office. The company has released workarounds to mitigate the threat.
The threat group, identified as TA413, posed as the Women’s Empowerment Desk of the Central Tibetan Administration, an organization that works on issues such as equal rights and violence against women.
The researchers stated that the malicious documents were sent via zip archives and URLs designed to mimic the real Tibetan government.
The vulnerability, which exploits Microsoft Office’s Uniform Resource Identifier (URI) scheme, is listed as CVE-2022-30190 and has been shown to work across all versions of Microsoft Office and Windows Server, including Office 365, which was not previously thought to be vulnerable.
The recommended workaround is to disable the MSDT URI to prevent Troubleshooter from being launched as links.