Warning for Microsoft Office Outlook Privilege Escalation Vulnerability (CVE-2023-23397) Posted By gygy0101 , March 23, 2023 Overview Microsoft has discovered a vulnerability in Outlook for Windows that is being exploited to steal NTLM credentials. Microsoft has assigned the code CVE-2023-23397 to this vulnerability. The company gave it an unusually high CVSS score of 9.8, with CVSS being the evaluation score for the severity level. Vulnerability Details Outlook has a ‘Reminder’ feature which alerts users of schedules on their calendar. The following alert is also displayed when the schedule period has elapsed. Figure 1. Outlook Reminder feature The…
Warning for Asset Management Program (TCO!Stream) Vulnerability and Update Recommendation Posted By ASEC , March 23, 2023 Vulnerable Software and Overview TCO!Stream is an asset management solution developed by the Korean company, MLsoft. Consisting of a server and a client, administrators can use the console program to perform asset management work by accessing the server. TCO!Stream offers various features for asset management, but there is a process that runs constantly on the client in order to receive commands from the server. Commands are performed through this process. This management solution is exposed to vulnerability attacks that could…
Warning for Certification Solution (VestCert) Vulnerability and Update Recommendation Posted By ASEC , March 23, 2023 Vulnerable Software and Overview VestCert is a certification program used while accessing websites, and is a non-ActiveX module developed by the Korean company, Yettiesoft. This program is registered as a Startup Program and will be relaunched by Yettiesoft’s service (Gozi) even if it is terminated. It remains constantly active as a process once it is installed, so it can be exposed to vulnerability attacks. Thus, it needs to be updated to the latest version. Description of the Vulnerability This vulnerability was first…
Guide to Prevent Execution of Excel 4.0 Macro Malware – Microsoft Office 365 Product Posted By jcleebobgatenet , January 3, 2022 Excel 4.0 macro (XLM) malware is an attack method that uses Microsoft Office Excel files, and it has been established as the new document malware flow following VBA (Visual Basic Application). Excel 4.0 macro malware uses the ‘macro sheet’ feature in Excel. Each cell in the Excel sheet is composed of a function flow that can be run. Excel 4.0 macro malware has been most actively used in the recent methods of malware distribution using MS Office files. The developer…
[Announcement] New Log4j Vulnerability (CVE-2021-45105) – Log4j 2.17.0 Posted By jcleebobgatenet , December 23, 2021 CVE-2021-45105 vulnerability that operates in Log4j 2.16.0 version was additionally revealed on December 18th, 2021 (CVSS 7.5). 1. Vulnerable Versions Log4j 2.0-beta9 to 2.16.0 2. Vulnerability Exploitation Technique Vulnerability exploitations may occur if applications that use Log4j are enabled with the layout pattern and thread context features. The following shows the vulnerable environment and the technique for exploiting it. 1) Vulnerable Environment [Settings] Applications are enabled to lookup thread contexts in the layout pattern [Part of log4j2.properties settings] appender.console.type =…
