The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems.
Seqrite detection
Seqrite’s generic detection ‘Exp.RTF.CVE-2017-0199.AO’ for Microsoft Office/WordPad exploit (CVE-2017-0199), released on December 12, 2017, detects the initial attack vector observed in the wild.
Seqrite has released the following detection for the vulnerability CVE-2018-8174:
- Exp.IE.CVE-2018-8174
- HTTP/CVE-2018-8174.IE
To read this post in detail, please visit
CVE-2018-8174 – Windows VBScript Engine Remote Code Execution Vulnerability
References
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8174
https://blogs.360.cn/blog/cve-2018-8174-en/
