Akamai security researchers have provided more information regarding two already addressed vulnerabilities, tracked as CVE-2023-35384 and CVE-2023-36710, which could be jointly used to facilitate zero-click remote execution in Outlook, according to The Hacker News.
Attackers could exploit the first flaw by delivering emails with malicious files or URLs to an Outlook client, the Akamai report revealed. That flaw stems from path parsing in the MapUrlToZone function; it is a bypass for the critical CVE-2023-23397 bug and enables the exposure of NTLM credentials. The second bug, a remote code execution issue in Windows Foundation Core that affects the Audio Compression Manager component, stems from an integer overflow triggered when a WAV file is used. "We managed to trigger the vulnerability using the IMA ADP codec. The file size is approximately 1.8 GB. By performing the math limit operation on the calculation we can conclude that the smallest possible file size with IMA ADP codec is 1 GB," said researcher Ben Barnea.
New variants of the QBot malware, also known as Qakbot, have emerged since mid-December despite having been disrupted in August, suggesting continuous testing by the malware developer, BleepingComputer reports.
More than $10 billion in fraud-related losses were reported by U.S. consumers for the first time in 2023, representing a 14% growth over 2022, even though the number of individuals who reported being targeted by fraud held steady at over 2.6 million, BleepingComputer reports.