Hello Everyone!!!!
Welcome back to NewAgeInformers where we believe in sharing knowledge. Today we are going to discuss about a new vulnerability which has been found in the Microsoft Word application. Yes, I can imagine your reaction regarding this news. But the truth is YES, it is not safe !!! Researchers have found that there is a vulnerability in the feature of online video option given by Microsoft word.
This vulnerability allows an attacker to do phishing attack by altering or replacing the iFrame code of the video. This vulnerability was found by the researchers from cyber attack simulation firm called as Cymulate. According to their research and findings, an attacker can replace or alter the iFrame code of an online video with malicious code which can led to the phishing attack.
What is Phishing attack?
Phishing attack can be defined as an attack in which an attacker uses email or any other social media messaging app to send malicious links by masquerading as a trustworthy entity making them to open that malicious link. This can steal user credentials including private information like mobile number, credit/debit card numbers and so on.
Cymulate researchers disclosed all about this vulnerability and it's exploit by giving a press release on last Thursday. They have also submitted that POC report to the press explaining that how this vulnerability is going to work and how an attacker can do Phishing attack. "This logical bug is revealed when a user embeds a videos via the 'online video' feature. It resides in the .xml file, where a parameter called embedded Html refers to a YouTube iframe code. Hacker can replace the current YouTube iFrame code with malicious html/JavaScript that would be rendered by Internet Explorer." After saying this they have share a video also which shows the exploit of that vulnerability. You can check it here:- https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG
As shown in the video that it is very easy for malicious hacker to alter the iFrame code with the malicious code which leads to phishing attack. What the attackers need to do is just change or edit the "document.xml" file and then replace the malicious link with the original video link in the Word document. Due to well awareness spread among user about the phishing, attacker now can trick victims to open such malicious Word document having YouTube video in it. This may cause loss of private information and trust on trustworthy brands as well.
"Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video with a link to YouTube, while disguising a hidden html/javascript code that will be running in the background and could potentially lead to further code execution scenarios." This might be the best trick of phishing as the target users may not feel anything doubtful or malicious while opening a Word document having an embedded video does not produces any warning. This bug is present in the Microsoft Office 2016 and earlier versions of it with the online video feature.
Still no CVE allocated???
As per the sayings of SCMedia, researchers of Cymulate submitted this report to Microsoft 3 months ago. However, it is not selected for a CVE yet and the Senior Director of Microsoft Jeff Jones said,"The product is properly interpreting HTML as designed and working in the same manner as similar products." Until Microsoft fixes this bug, readers are requested to block all such Word documents containing embedded video in it. Because this is the best mitigation technique to be safe till the time patches are available.
Thank you for your time and stay connected with NewAgeInformers for more and more interesting articles. You can also connect with us here:
facebook: CLICK HERE!!!!!!!!!!
Welcome back to NewAgeInformers where we believe in sharing knowledge. Today we are going to discuss about a new vulnerability which has been found in the Microsoft Word application. Yes, I can imagine your reaction regarding this news. But the truth is YES, it is not safe !!! Researchers have found that there is a vulnerability in the feature of online video option given by Microsoft word.
This vulnerability allows an attacker to do phishing attack by altering or replacing the iFrame code of the video. This vulnerability was found by the researchers from cyber attack simulation firm called as Cymulate. According to their research and findings, an attacker can replace or alter the iFrame code of an online video with malicious code which can led to the phishing attack.
What is Phishing attack?
Phishing attack can be defined as an attack in which an attacker uses email or any other social media messaging app to send malicious links by masquerading as a trustworthy entity making them to open that malicious link. This can steal user credentials including private information like mobile number, credit/debit card numbers and so on.
Cymulate researchers disclosed all about this vulnerability and it's exploit by giving a press release on last Thursday. They have also submitted that POC report to the press explaining that how this vulnerability is going to work and how an attacker can do Phishing attack. "This logical bug is revealed when a user embeds a videos via the 'online video' feature. It resides in the .xml file, where a parameter called embedded Html refers to a YouTube iframe code. Hacker can replace the current YouTube iFrame code with malicious html/JavaScript that would be rendered by Internet Explorer." After saying this they have share a video also which shows the exploit of that vulnerability. You can check it here:- https://play.vidyard.com/oEeGKEsoqd995kKu6vS7RG
As shown in the video that it is very easy for malicious hacker to alter the iFrame code with the malicious code which leads to phishing attack. What the attackers need to do is just change or edit the "document.xml" file and then replace the malicious link with the original video link in the Word document. Due to well awareness spread among user about the phishing, attacker now can trick victims to open such malicious Word document having YouTube video in it. This may cause loss of private information and trust on trustworthy brands as well.
"Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video with a link to YouTube, while disguising a hidden html/javascript code that will be running in the background and could potentially lead to further code execution scenarios." This might be the best trick of phishing as the target users may not feel anything doubtful or malicious while opening a Word document having an embedded video does not produces any warning. This bug is present in the Microsoft Office 2016 and earlier versions of it with the online video feature.
Still no CVE allocated???
As per the sayings of SCMedia, researchers of Cymulate submitted this report to Microsoft 3 months ago. However, it is not selected for a CVE yet and the Senior Director of Microsoft Jeff Jones said,"The product is properly interpreting HTML as designed and working in the same manner as similar products." Until Microsoft fixes this bug, readers are requested to block all such Word documents containing embedded video in it. Because this is the best mitigation technique to be safe till the time patches are available.
Thank you for your time and stay connected with NewAgeInformers for more and more interesting articles. You can also connect with us here:
facebook: CLICK HERE!!!!!!!!!!
Comments
Post a Comment