Check Point researchers have identified four vulnerabilities affecting Microsoft Office products, including Excel and Office…
It all started with a recent report by an information security expert known as TheAnalyst, in which the abuse of Microsoft services was given a separate place. He wrote that, for example, the BazarLoader malware operators place their malware in Microsoft OneDrive and wondered: “Is Microsoft in any way responsible for this if they INTENTIONALLY place hundreds of files for more than three days leading to this [BazarLoader infection ]? “.
Let me remind you that BazarLoader is infected through spam messages. Attackers try to trick the recipients of such messages into opening a trojanized link. In this case, it was an ISO file containing a malicious DLL with a misleading label called “Documents”. The launch of such malware usually ends with a Conti ransomware attack.
In a report on TheAnalyst’s legitimate claims on Twitter, Beaumont responded as follows:
Beaumont also adds:
It is worth saying that the site URLhaus, supported by the Swiss project abuse.ch at the Institute of Cybersecurity and Engineering at the University of Bern, maintains statistics that confirm the words of experts. For example, according to the latest data, Microsoft shows the worst response time to malware among the top 10 sites hosting the most malicious URLs. It usually takes more than 29 days to remove Microsoft malware.
Google also suffers from malware and removes it slowly, on average in 14 days, but it’s still twice as fast as Microsoft.
Microsoft representatives have already paid attention to the criticism of specialists and made the following comment regarding the current situation:
Let me remind you that we also wrote that Researchers find four vulnerabilities in Microsoft Office.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…