Critical Vulnerability: Remote Code Execution in Microsoft Windows

Microsoft warns users about 0-day attacks via PowerPoint OLE objects. Hackers are exploiting a zero-day vulnerability in Windows.

Vulnerability in Microsoft OLE Could Allow Remote Code Execution and affecting all supported releases of Microsoft Windows, excluding Windows Server 2003.

Today, Microsoft has released Security Advisory 3010060 as well as the “Fix It” temporary patch. A new ID, CVE-2014-6352, has been assigned to track this issue.

Danger level: Critical

Availability fixes: None

Quantity of vulnerabilities: 1

CVSSv2 Rating: (AV: N / AC: L / Au: N / C: C / I: C / A: C / E: H / RL: U / RC: C) = Base: 10 / Temporal: 10

CVE ID: CVE-2014-6352

Vector of operation: Remote (Website or e-mail with malicious content)

Impact: System Compromise, arbitrary code execution

The availability of exploit code: active exploitation of the vulnerability

Affected Products: Microsoft Windows 7, Windows 8, Windows 8.1, Windows RT, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows Vista

Affected versions: Microsoft Windows 7, 8, 8.1, RT, RT 8.1, Server 2008, Server 2012, Vista

Description:

[CVE-2014-6352] The vulnerability could allow a remote user to compromise a vulnerable system.

The vulnerability is caused due to an unspecified error when parsing OLE objects embedded in files Microsoft Office. A remote user can execute arbitrary code on the target system.

Note: The vulnerability is actively exploited in the present moment.

Solution: currently does not exist.

CVE-2014-6352 : VIDEO

References:

https://technet.microsoft.com/en-us/library/security/3010060

Manufacturer URL: http://windows.microsoft.com