Forwarded from myMessage News
Forwarded from De.Fi 2.0 Announcements
🚨 WARNING
A serious 0-day vulnerability known as #Follina has been discovered in Microsoft Word documents. It can allow an attacker to take FULL control of your PC (WITHOUT you even opening a file) ‼️
This exploit is a stack of exploits on top of each other. Unfortunately, it is simple to replicate and cannot be detected by anti-virus software. Hold on tight while we try to explain.
The 0-day begins with a Microsoft Word feature called Templates. Word may load and execute HTML and JS from external sites with this functionality. Does it sound concerning? Don't worry, it just gets worse. Using the HTML and JavaScript from the Template, the payload then executes the following PowerShell command to launch a service named Microsoft Support Diagnostic Tool, or MSDT.
Microsoft Support uses MSDT to assist in the debugging of operating system issues. MSDT also provides quick remote access to your PC (much like TeamViewer). There is only one issue. MSDT generally asks the user to provide their password before it can be run. MSDT, on the other hand, contains a buffer overflow vulnerability. As a result, the hacker may completely circumvent password protection.
Such exploits highlight the critical need to avoid storing private keys in plain text on your file system. Second, similar assaults have been shown to work in the past, and this vulnerability is considerably more dangerous as a "0-click" exploit.
Here are your solutions:
1. You may be protected if you utilize Microsoft Cloud Delivered Protection Service. Nonetheless, we HIGHLY prefer solution 2;
2. Turning off the MSDT URL Protocol;
3. Use your hardware wallet and DO NOT store your seed phrase on your PC!
Credits to @wallet_guard for spotting such a severe issue. We recommend reading the full explanation thread written by them for a deeper understanding of ways to protect yourself from such vulnerabilities.
Stay #SAFU!
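An added example, not part of the forwarded message or of the @wallet_guard thread: a triage check for the external template loading described above. It lists every external relationship in a .docx package and flags the kinds that pull in remote content. The function names, the watched relationship kinds and the inline sample are assumptions made for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for bulk triage of untrusted files, defusedxml is safer

REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
WATCHED = {"attachedTemplate", "oleObject"}  # assumption: kinds that pull in remote content
MAX_PART = 1_000_000  # refuse to inflate oversized .rels parts (zip-bomb guard)

def external_references(docx_bytes):
    """Return (part, kind, target) for each external relationship in the package."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as pkg:
        for info in pkg.infolist():
            if not info.filename.endswith(".rels"):
                continue
            if info.file_size > MAX_PART:
                findings.append((info.filename, "oversized", ""))
                continue
            try:
                root = ET.fromstring(pkg.read(info))
            except ET.ParseError:
                findings.append((info.filename, "unparseable", ""))
                continue
            for rel in root.iter(REL):
                if rel.get("TargetMode", "").lower() == "external":
                    kind = rel.get("Type", "").rsplit("/", 1)[-1]
                    findings.append((info.filename, kind, rel.get("Target", "")))
    return findings

def is_suspicious(finding):
    """Hyperlinks are routinely external; templates and OLE objects rarely are."""
    return finding[1] in WATCHED | {"oversized", "unparseable"}

def build_sample(rels_xml):
    """Constructed sample: a zip holding only a relationships part, not a real document."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/_rels/document.xml.rels", rels_xml)
    return buf.getvalue()

OOXML = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
SAMPLE_RELS = f"""<?xml version="1.0" encoding="UTF-8"?>
<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">
 <Relationship Id="rId1" Type="{OOXML}hyperlink" Target="https://example.invalid/page" TargetMode="External"/>
 <Relationship Id="rId2" Type="{OOXML}attachedTemplate" Target="https://example.invalid/t.html" TargetMode="External"/>
 <Relationship Id="rId3" Type="{OOXML}styles" Target="styles.xml"/>
</Relationships>"""

if __name__ == "__main__":
    for f in external_references(build_sample(SAMPLE_RELS)):
        print("FLAG" if is_suspicious(f) else "ok  ", *f)
```

A flagged entry means the document should be opened only in an isolated environment until the remote target has been reviewed.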