Hit enter to search

Microsoft Browser Bug is being exploted to Deploy VBA Malware.

July 29, 2021

As part of a "unusual" campaign, an unidentified threat actor exploited a nowpatched zeroday flaw in Internet Explorer to deliver a fullyfeatured VBAbased remote access trojan (RAT) capable of accessing files stored on compromised Windows systems, as well as downloading and executing malicious payloads.

The backdoor is deployed through a fake document called "Manifest.docx" that loads the vulnerability's exploit code from an embedded template, which then executes shellcode to deploy the RAT.