Remote Code Execution - Microsoft Project (CVE-2024-38189).
Microsoft Project is a project management program. It is designed to assist a project manager in developing a schedule, assigning resources to tasks, tracking progress, managing the budget, and analyzing workloads.
The vulnerability was fixed as part of the August Patch Tuesday. The malicious code is executed when the victim opens a special Microsoft Office Project file, received in a phishing email or downloaded from the attacker's website.
👾 For a successful attack, these security features must be disabled:
🔹 Policy "Block macros from running in Office files from the Internet" (enabled by default).
🔹 "VBA Macro Notification Settings".
Previewing files in the "Preview Pane" is not an exploitation vector. 👍
As you can see, there are quite a few conditions required for a successful attack, but Microsoft has reported cases of exploitation of the vulnerability in the wild. 🤷♂️
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю подписаться на мой канал @avleonovrus "Управление Уязвимостями и прочее" в MAX или в Telegram.
Pingback: August Microsoft Patch Tuesday | Alexander V. Leonov