Our new @OutflankNL blog post on abusing the SYLK file format. This 1980s file type can host macros in modern versions of MS Office / Excel without hitting protected mode. Post includes recommendations for mitigation (note: active abuse in the wild).https://outflank.nl/blog/2019/10/30/abusing-the-sylk-file-format/ …
-
-
For example, if you're unfortunate enough to still be using macOS Sierra (10.12.x), Safari will launch Excel to open an arbitrary file with zero user interaction. This makes for a complete drive-by download situation.pic.twitter.com/7tzrZ9U101
-
The fix for this was released as CVE-2019-1457: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1457 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.