CVE-2018-8174

24 02, 2020

Exploring the Vulnerabilities with Most Associated Malware

By |2020-02-24T09:36:49-08:00February 24th, 2020|Vulnerability & Threat Management|

The recently-released Vulnerability and Threat Trends Report 2020 shone a light on a relatively underexposed trend by revealing the top ten vulnerabilities with most associated malware. These are flaws that are each used by around 50 types of malware. The most popular, CVE-2018-8174 or ‘Double Kill’, has astonishingly attracted a total of 62 associated malware [...]

10 05, 2018

Double Kill Exploit Jumps From MS Office to Internet Explorer

By |2018-05-10T14:57:32-07:00May 10th, 2018|Threat Intelligence|

This week, Microsoft released a patch for the zero-day vulnerability (CVE-2018-8174) — central to the Double Kill exploit — affecting VBScript Engine. In this coordinated release, Qihoo 360 researchers discovered that it was exploited in the wild as early as April 18, 2018, allowing code execution by remote attackers. The vulnerability was used to install [...]