Application security, Threat Intelligence, Incident Response, TDR, Vulnerability Management

Latest Ebola-themed phish leverages unpatched Windows bug

More Ebola-themed malicious emails are making the rounds, researchers at Websense warn, but this time the phishing ruses are being used to exploit a serious Windows vulnerability lacking a permanent fix.

Websense revealed in a Thursday blog post that some phishing emails were made to look like Ebola safety tips from World Health Organization (WHO), which actually led victims to remote access trojan (RAT) DarkKomet. Other emails appearing to contain information about the Ebola virus were booby trapped to exploit a Windows bug, CVE-2014-4114, in order to download and execute a malicious payload, the firm said.

The Windows vulnerability has also been leveraged by Russian cyberespionage group Sandworm Team.

Microsoft does not yet have a permanent fix for the flaw, but a temporary solution was made available last Tuesday. The tech giant assigned the vulnerability a new ID, CVE-2014-6352, as it continues to track the issue.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.