Security failure allows screen captures and webcams recording
Can Microsoft Office compromise computer security? Yes and a vulnerability allows it in the Office versions of 2007, 2010, 2013 and 2016.
This small security breach opened the door to the spread of data theft malware such as AgentTesla and Loki when the user opens a rich text file.
The computer infection occurs through a malicious rich text file, which the user opens using Microsoft Word. Once this happens, the Word program launches a process called 'schvost' with which opens the Microsoft Equation Editor, a program that creates mathematical equations within Word documents, and should not do anything else under normal circumstances
Among its capabilities includes the theft of user login credentials through Google Chrome, Mozilla Firefox, Microsoft Outlook and others, with screenshots, webcams recording and installation of additional malware on infected computers.
However, once the Equation Editor opens in the infected document, the malicious agent AgentTesla keeps it running and launching executable files. 'Schvost.exe', which has a name very similar to the schvost process of the Equation Editor, manages to establish a connection with the cyber-attacker's command and control server, which would allow him to infect the computer
According to the Checkpoint statement, the "combination of advanced protection against threats, multiple layers of advanced security and automated methods of reverse engineering" is present in the Threat Emulation engine of one of its security solutions, called SandBlast Zero-Day Protection
Date update on 2018-11-20. Date published on 2018-11-20. Category: hackers Author: Oscar olg Fuente: diariovasco