Malware Exploits Microsoft PowerPoint Vulnerability

A new malware campaign is circulating in the wild, and most security programs are not detecting it. Remcos, the malware variant, is bypassing detection by exploiting a Microsoft PowerPoint vulnerability. Remcos is hidden within a malicious attachment that is being distributed via email. The email is disguised as an order request from a falsified business partner. Once a victim opens the email and clicks on the malicious link, a vulnerability number pops up. However, that number does not identify the security gap in the PowerPoint program. The file logo.doc is then downloaded. ZDNet reported,

“This downloaded logo.doc contains XML and JavaScript code, which runs PowerShell to execute a file called ‘RATMAN.EXE’, a Trojanised version of the Remcos remote access tool, which then connects to a command and control server.”

Once installed, the malware can obtain access to the entire PC, without the user knowing.

Fortunately, Microsoft patched the security gap in April of this year. However, that does not mean all users have updated their program. To patch this specific vulnerability, click here.
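For defenders, the chain ZDNet describes (a document opened in an Office program leading to PowerShell, which then runs RATMAN.EXE) can be hunted in process-creation logs. The sketch below is an added example, not code from the article or from ZDNet; the event field names, the sample events, and the assumption that PowerShell appears as a descendant of the Office process (other Office image names are included as a generalization) are all constructed for illustration.

```python
import ntpath

# Image names: PowerShell and RATMAN.EXE come from the article; the Office
# list beyond PowerPoint is an assumption added for broader coverage.
OFFICE_IMAGES = {"powerpnt.exe", "winword.exe", "excel.exe"}
SCRIPT_HOSTS = {"powershell.exe"}
PAYLOAD_NAMES = {"ratman.exe"}

# Constructed sample process-creation events (not real telemetry).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe"},
    {"pid": 200, "ppid": 100,
     "image": r"C:\Program Files\Microsoft Office\Office16\POWERPNT.EXE"},
    {"pid": 300, "ppid": 200,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"pid": 400, "ppid": 300, "image": r"C:\Users\user\AppData\Local\Temp\RATMAN.EXE"},
    # Benign: PowerShell started by the user from the desktop shell.
    {"pid": 500, "ppid": 100,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

def basename(path):
    """Lower-cased file name of a Windows path, on any host OS."""
    return ntpath.basename(path).lower()

def ancestors(pid, by_pid):
    """Yield parent, grandparent, ... of pid; stops on unknown or looping PIDs."""
    seen = set()
    ev = by_pid.get(pid)
    while ev and ev["ppid"] in by_pid and ev["ppid"] not in seen:
        seen.add(ev["ppid"])
        ev = by_pid[ev["ppid"]]
        yield ev

def detect(events):
    """Return (pid, rule) alerts for the two behaviours described above."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        name = basename(e["image"])
        if name in SCRIPT_HOSTS and any(
            basename(a["image"]) in OFFICE_IMAGES for a in ancestors(e["pid"], by_pid)
        ):
            alerts.append((e["pid"], "office-spawned-powershell"))
        if name in PAYLOAD_NAMES:
            alerts.append((e["pid"], "payload-name"))
    return alerts

if __name__ == "__main__":
    for pid, rule in detect(SAMPLE_EVENTS):
        print(pid, rule)
```

The file-name rule is defeated by renaming the payload, so the parent-child rule is the more durable signal of the two.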

  1. Since Microsoft and Windows 10 make you do the Updates within a couple of days after they send those Updates, the only way you don’t install and reboot is if you just don’t turn the computer on... and that NEVER happens.

    Experts don’t really like being told when to reboot and being forced to reboot or install, BUT rookies need that with this FREE OS because otherwise they would all be hacked and destroyed and then start whining on every website, including the worst one... Facebook.

    I got used to these Updates and reboots since I have 9 computers running 24/7 and like to figure out OS’s from Microsoft, so I don’t mind, and just like with the 90’s versions and XP Pro, it is fun to figure out all the *tricks*.

