Mad Monkey Home TumblreMailTwitterRSS FeedGoogle+Mad Monkey Home
   
 
QUICK LINKS
 
HOME
 
TECH NEWS  -  SITE NEWS

MONKEY STORE

ALL SOFTWARE
GAMES  -  SCREENSAVERS

FONTS

SUPPORT PAGES
CONTACT US

DONATE
 
  Quick Links
TAG CLOUD

affects agencies closed computers document enforcement execution exploited fireeye framework install malicious malware microsoft office patch patches police programming regular remote round russian security spyware target transform updates users vendor vulnerability wednesday windows

 
RECOMMENDED

Make Poverty History

 
Euro Downloads

 

Microsoft patches zero-day used to install police spyware

Microsoft patches zero-day used to install police spyware

Wed, 13 Sep 2017 10:35:00  
.NET framework flaw exploited.

Microsoft's regular Patch Wednesday round of security updates for Windows has closed a bug that left computers open to malware installed by law enforcement agencies.

The flaw, CVE-2017-8759, affects the.NET programming framework and allows for remote code execution.

Security vendor FireEye said the vulnerability had been used to target Russian Windows users through a malicious Microsoft Office document in rich text format (RTF) in July this year.

The vulnerability would attempt to install Gamma Group's FinSpy or FinFisher law enforcement spyware, FireEye said.

The security company did not disclose which law enforcement agency had deployed FinSpy.

It noted that the zero-day vulnerability used to install the malware is the second such flaw found this year.

FireEye believes the exploits, sold to law enforcement agencies, are also reaching financially motivated attackers.


 

Source: itnews

   

COPYRIGHT MAD-MONKEY 2005 -