Hackers exploit zero-day vulnerability in Microsoft Office sophisticated

Hackers exploit zero-day vulnerability in Microsoft Office sophisticated

2. Juni 2022 0 Von Horst Buchwald

Hackers exploit zero-day vulnerability in Microsoft Office sophisticated

San Francisco, 6/2/2022

China-backed hackers have exploited a zero-day vulnerability in Microsoft Office. The company has released workarounds to mitigate the threat.

The threat group, identified as TA413, posed as the Women’s Empowerment Desk of the Central Tibetan Administration, an organization that works on issues such as equal rights and violence against women.

The researchers stated that the malicious documents were sent via zip archives and URLs designed to mimic the real Tibetan government.

The vulnerability, which exploits Microsoft Office’s Uniform Resource Identifier (URI) scheme, is listed as CVE-2022-30190 and has been shown to work across all versions of Microsoft Office and Windows Server, including Office 365, which was not previously thought to be vulnerable.

The recommended workaround is to disable the MSDT URI to prevent Troubleshooter from being launched as links.