This article is more than 1 year old

Redmond yells 'CUT' on Hacking Team horror movie exploit

Media Player attack closed off

Another of the exploits against Microsoft Windows that hit as a zero day after Hacking Team was hacked has been fixed.

Trend Micro threat bod Kenney Lu says the fix for CVE-2015-2509 was among the 56 in this week's Patch Tuesday bug-splat.

Hacking Team's remote code execution exploit works on Windows Vista through to 8, and is triggered when a victim opens a crafted Media Center link file which contains malcode.

Lu says the exploit works 'perfectly' on Windows Media Center.

"This vulnerability is related to a previously unreported zero-day exploit discovered in the Hacking Team leaked emails," Lu says.

"Trend Micro researchers discovered the exploit and subsequently reported their findings to Microsoft.

"Based on information in the emails, the exploit works perfectly with the latest version of Windows Media Center."

It grants attackers the same user rights as the current user, meaning users with reduced access privileges will be of less value to bad guys.

Attackers can send the corrupt file through their vector of choice, including email or drive-by-download, Lu says.

A user need only open the file to be p0wned.

While Redmond says there is no indication net scum are targeting CVE-2015-2509, it is highly likely they will, since the Hacking Team exploits have been publicly available for weeks.

Indeed, Lu expects crims to jump on the bandwagon, as is common after a big patch run.

Users should steer clear of all Media Center link files until patches are applied, as there are no mitigations or workarounds. ®
