Another Windows Search zero-day vulnerability has been reported that can be used to automatically open a search window containing remote executables simply by launching a Word document. Hackers can combine the Microsoft Office OLEObject flaw with the search-ms protocol handler to open the remote search window as soon as the document is opened.
Hackers were exploiting the new Windows zero-day vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT). To exploit it, they created a malicious Word document that launched the ms-msdt URI protocol handler to execute PowerShell commands simply by opening the document.
These flaws make it possible to modify Microsoft Office documents so that they bypass Protected View and launch URI protocol handlers without user interaction. Below are some of the latest patching-related articles that help explain why keeping Windows patched is critical to keeping users safe from harm.
Microsoft fixes new NTLM relay zero-day in all Windows versions
Microsoft May 2022 Patch Tuesday fixes 3 zero-days, 75 flaws
Windows 'RemotePotato0' zero-day gets an unofficial patch
Microsoft April 2022 Patch Tuesday fixes 119 flaws, 2 zero-days
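For defenders triaging attachments, here is an added example (not from the articles above and not part of Patch Remedy) that scans a .docx for the two signs described earlier: a direct reference to the ms-msdt or search-ms handler, and an OLE object whose target sits outside the file. It assumes the remote content is referenced through an OOXML relationship marked TargetMode="External"; the function names and sample documents are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

# Protocol handlers named in the article, matched case-insensitively.
HANDLER_RE = re.compile(rb"(ms-msdt|search-ms):", re.IGNORECASE)
NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OLE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/oleObject"

def scan_docx(data: bytes) -> list[str]:
    """Return findings for a .docx given as bytes; an empty list means nothing flagged."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            body = zf.read(name)
            # 1) Any part that names one of the handlers directly.
            for scheme in sorted({h.lower() for h in HANDLER_RE.findall(body)}):
                findings.append(f"{name}: references {scheme.decode()}: handler")
            # 2) Relationship parts: OLE objects whose target lives outside the file.
            if not name.endswith(".rels"):
                continue
            try:
                root = ET.fromstring(body)  # for bulk untrusted input, prefer defusedxml
            except ET.ParseError:
                findings.append(f"{name}: unparseable relationships XML")
                continue
            for rel in root.iter(f"{{{NS}}}Relationship"):
                external = rel.get("TargetMode", "").lower() == "external"
                if external and rel.get("Type", "").lower().endswith("/oleobject"):
                    findings.append(f"{name}: external OLE object -> {rel.get('Target')}")
    return findings

def make_docx(rel_attrs: str) -> bytes:
    """Build a minimal constructed .docx-style ZIP holding one relationship."""
    rels = f'<Relationships xmlns="{NS}"><Relationship Id="rId9" {rel_attrs}/></Relationships>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()

# Constructed samples; example.invalid is a placeholder host, not a real indicator.
SUSPICIOUS = make_docx(f'Type="{OLE}" Target="https://example.invalid/page.html" TargetMode="External"')
BENIGN = make_docx(f'Type="{OLE}" Target="embeddings/oleObject1.bin"')

if __name__ == "__main__":
    for label, doc in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, scan_docx(doc))
```

A finding is a reason to look closer, not a verdict: legitimate documents can link external objects, so route hits to quarantine or manual review.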
Let's talk about how Patch Remedy can assist in making sure your users are safe.
Simply put, Patch Remedy for Automate can help keep your Windows agents patched up. Patch Remedy has been helping MSPs using LabTech or ConnectWise Automate for more than 5 years to control and improve their patching delivery services. Click on the image below to see how Patch Remedy can help you.