Microsoft Office Zero-Day Spread Surveillance Software

Published: 22/11/2024   Category: security




FireEye discovered CVE-2017-8759 flaw patched by Microsoft this week.



FireEye researchers recently discovered a malicious Microsoft Office RTF document using CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. They reported details of the flaw to Microsoft, which issued a patch earlier this week.
CVE-2017-8759 lets an attacker inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Word document in which threat actors used the injection to download and execute a Visual Basic script containing PowerShell commands.
Successful exploitation of the vulnerability downloads several components and launches FINSPY surveillance software. The malware, also reported as FinFisher or WingBird, can be bought as part of a lawful intercept capability, a term for functions in telecommunications that let law enforcement wiretap individuals. Analysts say with moderate confidence that the malicious document was used by a nation-state to target a Russian-speaking victim for cyberespionage.
This marks the second zero-day flaw used to distribute FINSPY that FireEye has discovered this year, which the company says demonstrates the many resources available to lawful intercept companies and customers. FINSPY has been sold to several clients, suggesting broader use.
