Remote Code Execution – Microsoft Project (CVE-2024-38189).
Microsoft Project is a project management program. It is designed to assist a project manager in developing a schedule, assigning resources to tasks, tracking progress, managing the budget, and analyzing workloads.
The vulnerability was fixed as part of the August Patch Tuesday. The malicious code is executed when the victim opens a specially crafted Microsoft Office Project file, received in a phishing email or downloaded from the attacker’s website.
👾 For a successful attack, these security features must be disabled:
🔹 Policy “Block macros from running in Office files from the Internet” (enabled by default).
🔹 “VBA Macro Notification Settings”.
Previewing files in the “Preview Pane” is not an exploitation vector. 👍
As you can see, there are quite a few conditions required for a successful attack, but Microsoft has reported cases of exploitation of the vulnerability in the wild. 🤷♂️
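The two conditions above are both ordinary Office hardening settings, so the practical defender's check is to verify that neither has been weakened on the endpoints that have Project installed. The PowerShell below is an added example, not something from the original post: it reads the Group Policy hive first and the per-user preference hive second for the two registry values that back these settings (`blockcontentexecutionfrominternet` and `vbawarnings`, the values the Office ADMX templates write) and reports whether either one is in a state that would let a macro in a downloaded Project file run. The application key name `ms project` and the Office version `16.0` are assumptions taken from the Project 2016/365 policy templates; adjust them for your build.

```powershell
# Added example (not from the original post): audit the two macro settings the
# post names for Microsoft Project. Assumptions: Office 16.0 and the policy key
# name "ms project" used by the Project ADMX templates.
$office = '16.0'
$app    = 'ms project'

# GPO-managed policy wins over the per-user preference, so it is checked first.
$paths = @(
    "HKCU:\Software\Policies\Microsoft\Office\$office\$app\Security",
    "HKCU:\Software\Microsoft\Office\$office\$app\Security"
)

function Get-SecuritySetting {
    param([string]$Name)
    foreach ($p in $paths) {
        if (-not (Test-Path $p)) { continue }
        $item = Get-ItemProperty -Path $p -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item -and $null -ne $item.$Name) {
            return [pscustomobject]@{ Name = $Name; Value = [int]$item.$Name; Source = $p }
        }
    }
    return $null
}

# blockcontentexecutionfrominternet: 1 = block macros in files that carry the
# Mark of the Web (the behaviour the post describes as the default).
$block = Get-SecuritySetting -Name 'blockcontentexecutionfrominternet'

# vbawarnings: 1 = enable all macros, 2 = disable with notification,
# 3 = disable except digitally signed, 4 = disable all without notification.
$vba = Get-SecuritySetting -Name 'vbawarnings'

$findings = @()

if ($null -eq $block) {
    $findings += 'blockcontentexecutionfrominternet is not set; the built-in default (block) applies unless a user changes it. Consider enforcing it by policy.'
} elseif ($block.Value -ne 1) {
    $findings += "blockcontentexecutionfrominternet = $($block.Value) at $($block.Source): macros from Internet-sourced files are NOT blocked."
}

if ($null -ne $vba -and $vba.Value -eq 1) {
    $findings += "vbawarnings = 1 at $($vba.Source): all macros run without notification."
}

$status = if ($findings.Count -eq 0) { 'OK' } else { 'AT RISK' }

[pscustomobject]@{
    Application = "Microsoft Project ($office)"
    BlockInternetMacros = if ($block) { $block.Value } else { '(not set, default=block)' }
    VbaWarnings         = if ($vba)   { $vba.Value }   else { '(not set)' }
    Status   = $status
    Findings = $findings -join ' | '
} | Format-List
```

Run it in the user's context (the values live under HKCU), or wrap it in a logon script or an EDR query to collect the same two values fleet-wide; a `Status` of `AT RISK` means the machine meets at least one of the preconditions the post lists and the macro-blocking policy should be enforced through Group Policy rather than left to the default.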
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
And I invite all Russian speakers to one more Telegram channel, @avleonovrus; that is now the first place I post.