Recently, Tencent computer housekeeper issued a security alert through the official microblogging: Tencent security antivirus lab security team took the lead in capturing a virus sample around the world, and follow the example of a 0-day loophole lurking 17 years - & mdash; The virus exploits the 0day vulnerability in the Office Formula Editor to launch an attack that follows the same old CVE-2017-11882 "Aged" vulnerability that lasted for as long as 17 years, threatening large numbers of Office versions and requiring no other action when a user opens a malicious document , It will be implanted in the back door Trojans, criminals completely control the computer.
It is understood that 0Day loopholes, also known as Zero Day loopholes, refers to those who did not open, so there is no patch loopholes, which is commonly referred to as "undisclosed loopholes". Ma Jinsong, head of the anti-virus lab of Tencent Security Joint Lab, said that due to the undocumented nature of the 0Day vulnerability, a large number of users are negligent in this regard. Therefore, this 0day vulnerability is often exploited by unscrupulous hackers to launch malicious attacks. This discovery of a 17-year-old 0day loophole, is very rare. Earlier in the November issue of Microsoft Security Patch, the Office Remote Code Execution Vulnerability (CVE-2017-11882), which lasted as long as 17 years, was fixed.
Ma Jinsong said that after the team preliminary analysis, the vulnerability affects all current popular Office versions, including the current Office2007 has stopped, once the user opens a malicious document, without any other operation, it will be implanted in the backdoor Trojans, criminals have complete control computer. It is worth noting that the current PC use scenarios mostly for the office workers, and once the loopholes exploited by criminals for enterprises, will cause great harm to corporate security.
At present, Tencent security team has submitted the relevant vulnerability information to the official Microsoft, and for further analysis of the virus and vulnerability situations, for the first time for individuals and business users launched a security program against the security threats, Tencent Computer Manager, Tencent for the enterprise Security & ldquo; & rdquo; and & ldquo; Royal sector & rdquo; can detect and block attacks, to ensure the safety of individual users and businesses, and continue to monitor the exploit, the user need not be over-alarmed.
As the leading Internet security service and research team in China, Tencent Security's anti-virus lab and computer housekeeper team have repeatedly discovered and successfully alerted and intercepted high-risk security threats. In combination with Tencent Cloud, CNCERT, the Ministry of Public Security and the national police and operators And the Office and other partners to establish a complete network security emergency response cooperation mechanism, at the same time, Tencent Royal sector advanced threat detection system for enterprise-class security services products, based on Tencent anti-virus laboratory security capabilities, relying on Tencent in the cloud and Big data capabilities at the end of the spectrum form powerful and unique threat intelligence and malicious detection models that efficiently sense and exploit vulnerabilities. In the WannaCry ransomware attack, dark cloud series Trojan confrontation, defense response, Tencent security team have excellent performance.