thecyberthrone.in
Open in
urlscan Pro
192.0.78.25
Public Scan
URL:
https://thecyberthrone.in/2021/12/08/windows-drive-by-rce-haunts/
Submission: On December 09 via api from US — Scanned from DE
Submission: On December 09 via api from US — Scanned from DE
Form analysis
5 forms found in the DOMGET https://thecyberthrone.in/
<form method="get" class="search-form" action="https://thecyberthrone.in/">
<label>
<span class="screen-reader-text">Search for:</span>
<input type="search" class="search-field" placeholder="Search" value="" name="s" title="Search for:">
</label>
<button type="submit" class="search-button"><span class="fa fw fa-search"></span><span class="screen-reader-text">Search</span></button>
</form>
POST https://thecyberthrone.in/wp-comments-post.php
<form action="https://thecyberthrone.in/wp-comments-post.php" method="post" id="commentform" class="comment-form" novalidate=""><input type="hidden" id="highlander_comment_nonce" name="highlander_comment_nonce" value="ef6aaf0b79"><input type="hidden"
name="_wp_http_referer" value="/2021/12/08/windows-drive-by-rce-haunts/">
<input type="hidden" name="hc_post_as" id="hc_post_as" value="guest">
<div class="comment-form-field comment-textarea">
<div id="comment-form-comment"><textarea aria-hidden="true" tabindex="-1"
style="position: absolute; inset: -999px auto auto 0px; border: 0px; padding: 0px; box-sizing: content-box; overflow-wrap: break-word; overflow: hidden; transition: none 0s ease 0s; height: 0px !important; min-height: 0px !important; font-family: Poppins, sans-serif; font-size: 14px; font-weight: 400; font-style: normal; letter-spacing: 0px; text-transform: none; text-decoration: none solid rgba(0, 0, 0, 0.7); word-spacing: 0px; text-indent: 0px; line-height: 19.6px; width: 594px;"
class="autosizejs "></textarea><textarea id="comment" name="comment" title="Enter your comment here..." placeholder="Enter your comment here..." style="height: 40px; overflow: hidden; overflow-wrap: break-word; resize: none;"></textarea>
</div>
</div>
<div id="comment-form-identity" style="display: none;">
<div id="comment-form-nascar">
<p>Fill in your details below or click an icon to log in:</p>
<ul>
<li class="selected" style="display:none;">
<a href="#comment-form-guest" id="postas-guest" class="nascar-signin-link" title="Login via Guest">
</a>
</li>
<li>
<a href="#comment-form-load-service:WordPress.com" id="postas-wordpress" class="nascar-signin-link" title="Login via WordPress.com">
<svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24"><rect x="0" fill="none" width="24" height="24"></rect><g><path fill="#0087be" d="M12.158 12.786l-2.698 7.84c.806.236 1.657.365 2.54.365 1.047 0 2.05-.18 2.986-.51-.024-.037-.046-.078-.065-.123l-2.762-7.57zM3.008 12c0 3.56 2.07 6.634 5.068 8.092L3.788 8.342c-.5 1.117-.78 2.354-.78 3.658zm15.06-.454c0-1.112-.398-1.88-.74-2.48-.456-.74-.883-1.368-.883-2.11 0-.825.627-1.595 1.51-1.595.04 0 .078.006.116.008-1.598-1.464-3.73-2.36-6.07-2.36-3.14 0-5.904 1.613-7.512 4.053.21.008.41.012.58.012.94 0 2.395-.114 2.395-.114.484-.028.54.684.057.74 0 0-.487.058-1.03.086l3.275 9.74 1.968-5.902-1.4-3.838c-.485-.028-.944-.085-.944-.085-.486-.03-.43-.77.056-.742 0 0 1.484.114 2.368.114.94 0 2.397-.114 2.397-.114.486-.028.543.684.058.74 0 0-.488.058-1.03.086l3.25 9.665.897-2.997c.456-1.17.684-2.137.684-2.907zm1.82-3.86c.04.286.06.593.06.924 0 .912-.17 1.938-.683 3.22l-2.746 7.94c2.672-1.558 4.47-4.454 4.47-7.77 0-1.564-.4-3.033-1.1-4.314zM12 22C6.486 22 2 17.514 2 12S6.486 2 12 2s10 4.486 10 10-4.486 10-10 10z"></path></g></svg> </a>
</li>
<li>
<a href="#comment-form-load-service:Twitter" id="postas-twitter" class="nascar-signin-link" title="Login via Twitter">
<svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24"><rect x="0" fill="none" width="24" height="24"></rect><g><path fill="#1DA1F2" d="M22.23 5.924c-.736.326-1.527.547-2.357.646.847-.508 1.498-1.312 1.804-2.27-.793.47-1.67.812-2.606.996C18.325 4.498 17.258 4 16.078 4c-2.266 0-4.103 1.837-4.103 4.103 0 .322.036.635.106.935-3.41-.17-6.433-1.804-8.457-4.287-.353.607-.556 1.312-.556 2.064 0 1.424.724 2.68 1.825 3.415-.673-.022-1.305-.207-1.86-.514v.052c0 1.988 1.415 3.647 3.293 4.023-.344.095-.707.145-1.08.145-.265 0-.522-.026-.773-.074.522 1.63 2.038 2.817 3.833 2.85-1.404 1.1-3.174 1.757-5.096 1.757-.332 0-.66-.02-.98-.057 1.816 1.164 3.973 1.843 6.29 1.843 7.547 0 11.675-6.252 11.675-11.675 0-.178-.004-.355-.012-.53.802-.578 1.497-1.3 2.047-2.124z"></path></g></svg> </a>
</li>
<li>
<a href="#comment-form-load-service:Facebook" id="postas-facebook" class="nascar-signin-link" title="Login via Facebook">
<svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24"><rect x="0" fill="none" width="24" height="24"></rect><g><path fill="#3B5998" d="M20.007 3H3.993C3.445 3 3 3.445 3 3.993v16.013c0 .55.445.994.993.994h8.62v-6.97H10.27V11.31h2.346V9.31c0-2.325 1.42-3.59 3.494-3.59.993 0 1.847.073 2.096.106v2.43h-1.438c-1.128 0-1.346.537-1.346 1.324v1.734h2.69l-.35 2.717h-2.34V21h4.587c.548 0 .993-.445.993-.993V3.993c0-.548-.445-.993-.993-.993z"></path></g></svg> </a>
</li>
</ul>
</div>
<div id="comment-form-guest" class="comment-form-service selected">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<a href="https://gravatar.com/site/signup/" target="_blank"> <img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G" alt="Gravatar" width="25" class="no-grav grav-hashed grav-hijack" id="grav-ad516503a11cd5ca435acc9bb6523536-0">
</a>
</div>
<div class="comment-form-fields">
<div class="comment-form-field comment-form-email">
<label for="email">Email <span class="required">(required)</span> <span class="nopublish">(Address never made public)</span></label>
<div class="comment-form-input"><input id="email" name="email" type="email" value=""></div>
</div>
<div class="comment-form-field comment-form-author">
<label for="author">Name <span class="required">(required)</span></label>
<div class="comment-form-input"><input id="author" name="author" type="text" value=""></div>
</div>
<div class="comment-form-field comment-form-url">
<label for="url">Website</label>
<div class="comment-form-input"><input id="url" name="url" type="url" value=""></div>
</div>
</div>
</div>
</div>
<div id="comment-form-wordpress" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G" alt="WordPress.com Logo" width="25" class="no-grav grav-hashed grav-hijack"
id="grav-ad516503a11cd5ca435acc9bb6523536-1">
</div>
<div class="comment-form-fields">
<input type="hidden" name="wp_avatar" id="wordpress-avatar" class="comment-meta-wordpress" value="">
<input type="hidden" name="wp_user_id" id="wordpress-user_id" class="comment-meta-wordpress" value="">
<input type="hidden" name="wp_access_token" id="wordpress-access_token" class="comment-meta-wordpress" value="">
<p class="comment-form-posting-as pa-wordpress">
<strong></strong> You are commenting using your WordPress.com account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'wordpress' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24">
<rect x="0" fill="none" width="24" height="24"></rect>
<g>
<path fill="#0087be"
d="M12.158 12.786l-2.698 7.84c.806.236 1.657.365 2.54.365 1.047 0 2.05-.18 2.986-.51-.024-.037-.046-.078-.065-.123l-2.762-7.57zM3.008 12c0 3.56 2.07 6.634 5.068 8.092L3.788 8.342c-.5 1.117-.78 2.354-.78 3.658zm15.06-.454c0-1.112-.398-1.88-.74-2.48-.456-.74-.883-1.368-.883-2.11 0-.825.627-1.595 1.51-1.595.04 0 .078.006.116.008-1.598-1.464-3.73-2.36-6.07-2.36-3.14 0-5.904 1.613-7.512 4.053.21.008.41.012.58.012.94 0 2.395-.114 2.395-.114.484-.028.54.684.057.74 0 0-.487.058-1.03.086l3.275 9.74 1.968-5.902-1.4-3.838c-.485-.028-.944-.085-.944-.085-.486-.03-.43-.77.056-.742 0 0 1.484.114 2.368.114.94 0 2.397-.114 2.397-.114.486-.028.543.684.058.74 0 0-.488.058-1.03.086l3.25 9.665.897-2.997c.456-1.17.684-2.137.684-2.907zm1.82-3.86c.04.286.06.593.06.924 0 .912-.17 1.938-.683 3.22l-2.746 7.94c2.672-1.558 4.47-4.454 4.47-7.77 0-1.564-.4-3.033-1.1-4.314zM12 22C6.486 22 2 17.514 2 12S6.486 2 12 2s10 4.486 10 10-4.486 10-10 10z">
</path>
</g>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-googleplus" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G" alt="Google photo" width="25" class="no-grav grav-hashed grav-hijack" id="grav-ad516503a11cd5ca435acc9bb6523536-2">
</div>
<div class="comment-form-fields">
<input type="hidden" name="googleplus_avatar" id="googleplus-avatar" class="comment-meta-googleplus" value="">
<input type="hidden" name="googleplus_user_id" id="googleplus-user_id" class="comment-meta-googleplus" value="">
<input type="hidden" name="googleplus_access_token" id="googleplus-access_token" class="comment-meta-googleplus" value="">
<p class="comment-form-posting-as pa-googleplus">
<strong></strong> You are commenting using your Google account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'googleplus' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" x="0px" y="0px" viewBox="0 0 60 60">
<path fill="#519bf7" d="M56.3,30c0,-1.6 -0.2,-3.4 -0.6,-5h-3.1H42.2H30v10.6h14.8C44,39.3 42,42 39.1,43.9l8.8,6.8C53,46 56.3,39 56.3,30z"></path>
<path fill="#3db366" d="M30,57.5c6.7,0 13.1,-2.4 17.9,-6.8l-8.8,-6.8c-2.5,1.6 -5.6,2.4 -9.1,2.4c-7.2,0 -13.3,-4.7 -15.4,-11.2l-9.3,7.1C9.8,51.3 19.1,57.5 30,57.5z"></path>
<path fill="#fdc600" d="M5.3,42.2l9.3,-7.1c-0.5,-1.6 -0.8,-3.3 -0.8,-5.1s0.3,-3.5 0.8,-5.1l-9.3,-7.1C3.5,21.5 2.5,25.6 2.5,30S3.5,38.5 5.3,42.2z"></path>
<path fill="#f15b44" d="M40.1,17.4l8,-8C43.3,5.1 37,2.5 30,2.5C19.1,2.5 9.8,8.7 5.3,17.8l9.3,7.1c2.1,-6.5 8.2,-11.1 15.4,-11.1C33.9,13.7 37.4,15.1 40.1,17.4z"></path>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-twitter" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G" alt="Twitter picture" width="25" class="no-grav grav-hashed grav-hijack" id="grav-ad516503a11cd5ca435acc9bb6523536-3">
</div>
<div class="comment-form-fields">
<input type="hidden" name="twitter_avatar" id="twitter-avatar" class="comment-meta-twitter" value="">
<input type="hidden" name="twitter_user_id" id="twitter-user_id" class="comment-meta-twitter" value="">
<input type="hidden" name="twitter_access_token" id="twitter-access_token" class="comment-meta-twitter" value="">
<p class="comment-form-posting-as pa-twitter">
<strong></strong> You are commenting using your Twitter account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'twitter' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24">
<rect x="0" fill="none" width="24" height="24"></rect>
<g>
<path fill="#1DA1F2"
d="M22.23 5.924c-.736.326-1.527.547-2.357.646.847-.508 1.498-1.312 1.804-2.27-.793.47-1.67.812-2.606.996C18.325 4.498 17.258 4 16.078 4c-2.266 0-4.103 1.837-4.103 4.103 0 .322.036.635.106.935-3.41-.17-6.433-1.804-8.457-4.287-.353.607-.556 1.312-.556 2.064 0 1.424.724 2.68 1.825 3.415-.673-.022-1.305-.207-1.86-.514v.052c0 1.988 1.415 3.647 3.293 4.023-.344.095-.707.145-1.08.145-.265 0-.522-.026-.773-.074.522 1.63 2.038 2.817 3.833 2.85-1.404 1.1-3.174 1.757-5.096 1.757-.332 0-.66-.02-.98-.057 1.816 1.164 3.973 1.843 6.29 1.843 7.547 0 11.675-6.252 11.675-11.675 0-.178-.004-.355-.012-.53.802-.578 1.497-1.3 2.047-2.124z">
</path>
</g>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-facebook" class="comment-form-service">
<div class="comment-form-padder">
<div class="comment-form-avatar">
<img src="" alt="Facebook photo" width="25" class="no-grav">
</div>
<div class="comment-form-fields">
<input type="hidden" name="fb_avatar" id="facebook-avatar" class="comment-meta-facebook" value="">
<input type="hidden" name="fb_user_id" id="facebook-user_id" class="comment-meta-facebook" value="">
<input type="hidden" name="fb_access_token" id="facebook-access_token" class="comment-meta-facebook" value="">
<p class="comment-form-posting-as pa-facebook">
<strong></strong> You are commenting using your Facebook account. <span class="comment-form-log-out"> ( <a href="javascript:HighlanderComments.doExternalLogout( 'facebook' );">Log Out</a> /
<a href="#" onclick="javascript:HighlanderComments.switchAccount();return false;">Change</a> ) </span>
<span class="pa-icon"><svg xmlns="http://www.w3.org/2000/svg" role="presentation" viewBox="0 0 24 24">
<rect x="0" fill="none" width="24" height="24"></rect>
<g>
<path fill="#3B5998"
d="M20.007 3H3.993C3.445 3 3 3.445 3 3.993v16.013c0 .55.445.994.993.994h8.62v-6.97H10.27V11.31h2.346V9.31c0-2.325 1.42-3.59 3.494-3.59.993 0 1.847.073 2.096.106v2.43h-1.438c-1.128 0-1.346.537-1.346 1.324v1.734h2.69l-.35 2.717h-2.34V21h4.587c.548 0 .993-.445.993-.993V3.993c0-.548-.445-.993-.993-.993z">
</path>
</g>
</svg></span>
</p>
</div>
</div>
</div>
<div id="comment-form-load-service" class="comment-form-service">
<div class="comment-form-posting-as-cancel"><a href="javascript:HighlanderComments.cancelExternalWindow();">Cancel</a></div>
<p>Connecting to %s</p>
</div>
</div>
<script type="text/javascript">
var highlander_expando_javascript = function() {
function hide(sel) {
var el = document.querySelector(sel);
if (el) {
el.style.setProperty('display', 'none');
}
}
function show(sel) {
var el = document.querySelector(sel);
if (el) {
el.style.removeProperty('display');
}
}
var input = document.createElement('input');
var comment = document.querySelector('#comment');
if (input && comment && 'placeholder' in input) {
var label = document.querySelector('.comment-textarea label');
if (label) {
var text = label.textContent;
label.parentNode.removeChild(label);
comment.setAttribute('placeholder', text);
}
}
// Expando Mode: start small, then auto-resize on first click + text length
hide('#comment-form-identity');
hide('#comment-form-subscribe');
hide('#commentform .form-submit');
if (comment) {
comment.style.height = '10px';
var handler = function() {
comment.style.height = HighlanderComments.initialHeight + 'px';
show('#comment-form-identity');
show('#comment-form-subscribe');
show('#commentform .form-submit');
HighlanderComments.resizeCallback();
comment.removeEventListener('focus', handler);
};
comment.addEventListener('focus', handler);
}
}
if (document.readyState !== 'loading') {
highlander_expando_javascript();
} else {
if (typeof window.jQuery === 'function') {
// Use jQuery's `ready` if available.
// This solves some scheduling issues between this script and the main highlander script.
jQuery(document).ready(highlander_expando_javascript);
} else {
// If not available, add a vanilla event listener.
document.addEventListener('DOMContentLoaded', highlander_expando_javascript);
}
}
</script>
<div id="comment-form-subscribe" style="display: none;">
<p class="comment-subscription-form"><input type="checkbox" name="subscribe" id="subscribe" value="subscribe" style="width: auto;"> <label class="subscribe-label" id="subscribe-label" for="subscribe" style="display: inline;">Notify me of new
comments via email.</label></p>
<p class="post-subscription-form"><input type="checkbox" name="subscribe_blog" id="subscribe_blog" value="subscribe" style="width: auto;"> <label class="subscribe-label" id="subscribe-blog-label" for="subscribe_blog"
style="display: inline;">Notify me of new posts via email.</label></p>
</div>
<p class="form-submit wp-block-button" style="display: none;"><input name="submit" type="submit" id="comment-submit" class="submit wp-block-button__link" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="5372"
id="comment_post_ID">
<input type="hidden" name="comment_parent" id="comment_parent" value="0">
</p>
<p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="310a1077bf"></p>
<input type="hidden" name="genseq" value="1639054943">
<p style="display: none !important;"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="1639054944209">
<script>
document.getElementById("ak_js_1").setAttribute("value", (new Date()).getTime());
</script>
</p>
</form>
GET https://thecyberthrone.in/
<form method="get" class="search-form" action="https://thecyberthrone.in/">
<label>
<span class="screen-reader-text">Search for:</span>
<input type="search" class="search-field" placeholder="Search" value="" name="s" title="Search for:">
</label>
<button type="submit" class="search-button"><span class="fa fw fa-search"></span><span class="screen-reader-text">Search</span></button>
</form>
POST https://subscribe.wordpress.com
<form action="https://subscribe.wordpress.com" method="post" accept-charset="utf-8" id="subscribe-blog">
<p id="subscribe-email">
<label id="subscribe-field-label" for="subscribe-field" class="screen-reader-text"> Email Address: </label>
<input type="email" name="email" class="has-20-px-font-size has-cf-2-e-2-e-border-color" style="font-size: 20px; padding: 12px 18px 12px 18px; border-radius: 5px; border-width: 2px; border-color: #cf2e2e; border-style: solid;"
placeholder="Enter your email address" value="" id="subscribe-field">
</p>
<p id="subscribe-submit" style="width: 100%; max-width: 100%;">
<input type="hidden" name="action" value="subscribe">
<input type="hidden" name="blog_id" value="172946585">
<input type="hidden" name="source" value="https://thecyberthrone.in/2021/12/08/windows-drive-by-rce-haunts/">
<input type="hidden" name="sub-type" value="widget">
<input type="hidden" name="redirect_fragment" value="subscribe-blog">
<input type="hidden" id="_wpnonce" name="_wpnonce" value="666a2c4741"> <button type="submit"
class="wp-block-button__link has-20-px-font-size has-cf-2-e-2-e-border-color has-text-color has-white-color has-background has-vivid-red-background-color"
style="width: 100%; font-size: 20px; padding: 12px 18px 12px 18px; margin-top: 10px; border-radius: 5px; border-width: 2px; border-color: #cf2e2e; border-style: solid;"> Subscribe </button>
</p>
</form>
POST https://subscribe.wordpress.com
<form method="post" action="https://subscribe.wordpress.com" accept-charset="utf-8" style="display: none;">
<div class="actnbr-follow-count">Join 199 other followers</div>
<div>
<input type="email" name="email" placeholder="Enter your email address" class="actnbr-email-field" aria-label="Enter your email address">
</div>
<input type="hidden" name="action" value="subscribe">
<input type="hidden" name="blog_id" value="172946585">
<input type="hidden" name="source" value="https://thecyberthrone.in/2021/12/08/windows-drive-by-rce-haunts/">
<input type="hidden" name="sub-type" value="actionbar-follow">
<input type="hidden" id="_wpnonce" name="_wpnonce" value="666a2c4741">
<div class="actnbr-button-wrap">
<button type="submit" value="Sign me up"> Sign me up </button>
</div>
</form>
Text Content
Skip to content * Search Search for: Search THECYBERTHRONE THINKING SECURITY ! ALWAYS * Home * Security Within You.! * About Author Security WINDOWS DRIVE-BY RCE HAUNTS.! Date: December 8, 2021Author: PravinKarthik 0 Comments A drive-by remote code execution (RCE) vulnerability in Windows 10 that can be triggered simply by clicking a malicious URL could allow attackers full access to a victim’s files and data. Advertisements The security flaw, an argument injection in the Windows 10/11 default handler for ms-officecmd: URIs, is present in Windows 10 via Internet Explorer 11/Edge Legacy browsers and Microsoft Teams. Microsoft has since released a patch, but researchers claim that the fix – applied five months after the bug report “fails to properly address the underlying argument injection which is currently also still present on Windows 11”. Windows internally uses ms-officecmd: URIs to start various Microsoft programs. Researchers revealed how it is possible to craft an URL in such a way that, when clicked, it will execute a malicious command while also starting Microsoft Teams. Advertisements Chained together with a security issue in Internet Explorer 11/Edge Legacy, visiting a malicious website is enough to trigger the exploit. The researchers also warned that this vulnerability is still present in the operating system. The attack starts with a victim either visiting a malicious website in IE11/Edge Legacy or clicking a malicious link in another browser or desktop application. The link is then forwarded to LocalBridge.exe, which in turn runs various Office executables with a segment of the link as argument. Possibility to inject additional arguments exists, which allowed us to achieve code execution by triggering the launch of Microsoft Teams with an additional –gpu-launcher argument that is then interpreted by Electron. Exploitation through other browsers requires the victim to accept an inconspicuous confirmation dialog. Alternatively, a malicious URI could also be delivered via a desktop application performing unsafe URL handling. However, a precondition for this exploit is to have Microsoft Teams installed but not running. Advertisements When the issue was reported, Microsoft told the team that since this was a social engineering attack, it was not eligible for a bug bounty reward. A lengthy appeal process eventually resulted in the researchers being awarded a $5,000 reward – a figure that they argued was still insufficient, since it was just 10% of the maximum reward. Although the proof-of-concept no longer works, the argument injection vulnerability has not been patched. SHARE THIS: * Click to share on LinkedIn (Opens in new window) * Click to share on Twitter (Opens in new window) * Click to share on Facebook (Opens in new window) * Click to share on WhatsApp (Opens in new window) * Click to share on Pinterest (Opens in new window) * Click to share on Reddit (Opens in new window) * Click to share on Tumblr (Opens in new window) * Click to share on Telegram (Opens in new window) * LIKE THIS: Like Loading... RELATED MICROSOFT PATCH TUESDAY NOVEMBER 2021 Microsoft patched 55 CVEs in the November 2021 Patch Tuesday release, including six rated as critical, and 49 rated as important. KB5007186 has arrived for Windows 10 21H1, 20H2, and 2004, while there is KB5007215 for Windows 11.This month is security focused, with all supported OSes receiving patches for various… November 10, 2021 In "Security" ACTIVEX CONTROL RCE Microsoft said it has identified a limited number of attacks targeting a remote code execution vulnerability in MSHTML that affects Microsoft Windows tracked as CVE-2021-40444. An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine.The attacker would then… September 8, 2021 In "Security" MAGNIBER HUNTS INTERNET EXPLORER VULNERABILITY End of life for Internet Explorer is fast approaching, the Magniber ransomware gang has begun exploiting two patched vulnerabilities in Microsoft's legacy browser to launch attacks on unsuspecting users. The Internet Explorer vulnerabilities being exploited in Magniber's latest round of cyberattacks are tracked as CVE-2021-26411 and CVE-2021-40444 and both vulnerabilities… November 13, 2021 In "Security" Internet ExplorerMalicious linkMicrosoftRCESecurity ThreatVulnerabilityWindows 10WINDOWS 11 PUBLISHED BY PRAVINKARTHIK Cybersecurity Enthusiasts . Will keep update on all happenings around in Security Operations. View all posts by PravinKarthik POST NAVIGATION Previous Previous post: Emotet Directs Cobalt Strike Now ! Next Next post: Google Cloud IDS Generally Available for Network Threat Detection LEAVE A REPLY CANCEL REPLY Fill in your details below or click an icon to log in: * * * * Email (required) (Address never made public) Name (required) Website You are commenting using your WordPress.com account. ( Log Out / Change ) You are commenting using your Google account. ( Log Out / Change ) You are commenting using your Twitter account. ( Log Out / Change ) You are commenting using your Facebook account. ( Log Out / Change ) Cancel Connecting to %s Notify me of new comments via email. Notify me of new posts via email. Δ Advertisements Powered by wordads.co We've received your report. Thanks for your feedback! Seen too often Not relevant Offensive Broken Report this adPrivacy Search for: Search Security F5 ACQUIRES THREAT STACK by PravinKarthik September 20, 2021 Security COINBASE ACQUIRES CYBERSECURITY FIRM UNBOUND by PravinKarthik November 30, 2021 Security MCAFEE READIES TO SELL ITSELF by PravinKarthik November 6, 2021 Security IBM TO ACQUIRE REAQTA. ENDPOINT SECURITY STARTUP by PravinKarthik November 3, 2021 Security CROWDSTRIKE ACQUIRES SECURECIRCLE by PravinKarthik November 2, 2021 Security FORCEPOINT ACQUIRES BITGLASS by PravinKarthik October 26, 2021 Security NETAPP DEBUTS SPOT SECURITY by PravinKarthik October 22, 2021 Security ELASTIC TO ACQUIRE OPTYMYZE by PravinKarthik October 17, 2021 Security FIREEYE & MCAFEE ENTERPRISE MERGE by PravinKarthik October 1, 2021 Security AKAMAI ACQUIRES GUARDICORE by PravinKarthik September 30, 2021 Security F5 ACQUIRES THREAT STACK by PravinKarthik September 20, 2021 Security COINBASE ACQUIRES CYBERSECURITY FIRM UNBOUND by PravinKarthik November 30, 2021 Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10 Subscribe to TheCyberThrone Today ! Join Hundreds of Subscribers receiving latest Cybersecurity news and happenings in and around the world. Email Address: Subscribe ARCHIVES HISTORY Archives History Select Month December 2021 (47) November 2021 (137) October 2021 (130) September 2021 (109) August 2021 (128) July 2021 (109) June 2021 (108) May 2021 (81) April 2021 (73) March 2021 (72) February 2021 (68) January 2021 (85) December 2020 (63) November 2020 (60) October 2020 (59) September 2020 (48) August 2020 (48) July 2020 (49) June 2020 (45) May 2020 (46) April 2020 (37) March 2020 (34) February 2020 (15) © 2021 TheCyberThrone Create a website or blog at WordPress.com * Follow Following * TheCyberThrone Join 199 other followers Sign me up * Already have a WordPress.com account? Log in now. * * TheCyberThrone * Customize * Follow Following * Sign up * Log in * Copy shortlink * Report this content * View post in Reader * Manage subscriptions * Collapse this bar %d bloggers like this: Notifications Playing