1

I have encountered the following article on Washington post: Russian hackers use ‘zero-day’ to hack NATO, Ukraine in cyber-spy campaign.

As always in such kind of articles the publication sounds too scary. There is almost no information to understand what are they talking about.

Can anyone understand what kind of vulnerability are they talking about and explain in more technical terms what happened?

Mark
  • 34,390
  • 9
  • 85
  • 134
Salvador Dali
  • 1,745
  • 1
  • 19
  • 32
  • @paj28 thank you for your comment. I thought that if this is an important vulnerability, someone already have outlined some technical details. Because this article tells me nothing. – Salvador Dali Oct 14 '14 at 10:02
  • 4
    Until the patch is released, it is in Microsoft's (and most peoples) best interests that info does not come out. – Rory Alsop Oct 14 '14 at 11:58
  • @RoryAlsop I know, but most interests not always agrees to what happens in the real word. There always will be people who knows something and this is exactly why I have asked the question. – Salvador Dali Oct 14 '14 at 21:41
  • I know. I was explaining why you hadn't yet seen any info. – Rory Alsop Oct 14 '14 at 21:56

1 Answers1

3

A description from isightpartners (English), and description from Eset's blog (Russian).

Embedded OLE object in Power Point document somehow can download and install .inf files and executable files.

Renat
  • 156
  • 6