Attackers bypass Microsoft patch to deliver Formbook malware

Sophos Labs researchers have detected the use of a novel exploit able to bypass a patch for a critical vulnerability (CVE-2021-40444) affecting the Microsoft Office file format. The attackers took a publicly available proof-of-concept Office exploit and weaponized it to deliver Formbook malware. The attackers then distributed it through spam emails for approximately 36 hours before it disappeared. From CAB to “CAB-less” exploit to bypass the patch for CVE-2021-40444 The CVE-2021-40444 vulnerability is a critical … More →

The post Attackers bypass Microsoft patch to deliver Formbook malware appeared first on Help Net Security.

click here to read full Article

Read More on latest Security Updates