Twitter | Pretraživanje | |
0patch
We issued a micropatch for CVE-2017-11774, a remote code execution vulnerability in Outlook that has been widely exploited and remains popular with attackers. In contrast to official patch which could be reverted by non-admins, micropatch will reliably disable Outlook Home Page.
03:01 - 28. sij 2020.
Twitter
od: 0patch @0patch
Reply Retweet Označi sa "sviđa mi se" More
0patch 28. sij
Odgovor korisniku/ci @0patch
The micropatch simply overrides Outlook's reading of WebView settings for determining whether Home Page is enabled, and makes Outlook believe the answer is "disabled" regardless of what the Registry says. This prevents the bypass. Source code contains just one instruction:
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"
0patch 28. sij
Odgovor korisniku/ci @0patch
The micropatch is currently written for the last vulnerable version of Outlook 2016 but it will be trivial to port it to any other affected Outlook version. Anyone interested is welcome to contact us at sales@0patch.com
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"
0patch 28. sij
Odgovor korisniku/ci @FireEye
A good article on recent exploitation of CVE-2017-11774 by Iran-nexus threat actors from :
Prikaz razgovora · Reply Retweet Označi sa "sviđa mi se"