Double Kill Exploit Jumps From MS Office to Internet Explorer

By |2018-05-10T14:57:32-07:00May 10th, 2018|Threat Intelligence|

This week, Microsoft released a patch for the zero-day vulnerability (CVE-2018-8174) — central to the Double Kill exploit — affecting VBScript Engine. In this coordinated release, Qihoo 360 researchers discovered that it was exploited in the wild as early as April 18, 2018, allowing code execution by remote attackers. The vulnerability was used to install [...]