{"vulnerability": "cve-2017-11774", "sightings": [{"uuid": "18874d5f-3407-469e-94d9-5738db2b31b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/GrayHatsHack/8429", "content": "\u26a1Specula\u2019s effectiveness lies in its exploitation of a known vulnerability (CVE-2017-11774). This vulnerability allows attackers to bypass Outlook\u2019s security measures and create custom homepages within the application. By modifying specific registry keys, these malicious homepages can be used to trigger the execution of VBScript files, granting attackers unauthorized access and control over your system.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:44:43.000000Z"}, {"uuid": "761c7e02-5bbe-4d20-9523-8c9514965b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/GrayHatsHack/7117", "content": "\u26a1Specula\u2019s effectiveness lies in its exploitation of a known vulnerability (CVE-2017-11774). This vulnerability allows attackers to bypass Outlook\u2019s security measures and create custom homepages within the application. By modifying specific registry keys, these malicious homepages can be used to trigger the execution of VBScript files, granting attackers unauthorized access and control over your system.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:44:43.000000Z"}, {"uuid": "00766435-3d02-41ee-8e4a-661d3aca0cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/information_security_channel/29062", "content": "USCYBERCOM published an alert that hackers were exploiting the CVE-2017-11774 Microsoft Outlook Security Vulnerability to deliver malware using an HTTPS domain. Microsoft already patched the vulnerability in 2017 and the USCYBERCOM alert refers to the ongoing campaign that exploiting CVE-2017-11774. Users are advised to ensure that they have patched the vulnerability. USCYBERCOM shared a number [\u2026]\nThe post USCYBERCOM Warned that Hackers Exploiting Microsoft Outlook Security Vulnerability to Deliver Malware (https://gbhackers.com/uscybercom-warned-hackers-malware/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-07-04T06:41:25.000000Z"}, {"uuid": "2da821f1-7a3c-433e-8ddb-2d0b7dbe6a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:39.000000Z"}, {"uuid": "e0be3a3c-1e5f-4cd8-adb3-dbb5ed88a903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/14286c24-dc69-472b-9819-cb20bbd7793f", "content": "", "creation_timestamp": "2026-02-02T12:28:55.939626Z"}, {"uuid": "e5b5f936-bc96-402c-add1-9e29d335dfd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/14286c24-dc69-472b-9819-cb20bbd7793f", "content": "", "creation_timestamp": "2026-02-02T12:28:55.939626Z"}, {"uuid": "c22c2690-0720-443a-87c4-a5d3eefb2a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/information_security_channel/29027", "content": "U.S. Cyber Command Warns of Outlook Flaw Exploited by Iranian Hackers\nhttp://feedproxy.google.com/~r/Securityweek/~3/jJL2f4g6ri4/us-cyber-command-warns-outlook-flaw-exploited-iranian-hackers\n\nThe U.S. Cyber Command (USCYBERCOM) on Tuesday warned that it had spotted attacks exploiting a Microsoft Outlook vulnerability tracked as CVE-2017-11774 in an effort to deliver malware.\nread more (https://www.securityweek.com/us-cyber-command-warns-outlook-flaw-exploited-iranian-hackers)", "creation_timestamp": "2019-07-03T08:22:13.000000Z"}, {"uuid": "dbfbef54-b6e9-475f-b049-43b72643cb69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/xakep_ru/7047", "content": "\u041a\u0438\u0431\u0435\u0440\u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0421\u0428\u0410 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u043e, \u0447\u0442\u043e \u0438\u0440\u0430\u043d\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Outlook\n\n\u041a\u0438\u0431\u0435\u0440\u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0421\u0428\u0410 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Outlook. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442, \u0447\u0442\u043e \u0443\u0433\u0440\u043e\u0437\u0430 \u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u0438\u0440\u0430\u043d\u0441\u043a\u043e\u0439 APT33.\n\nhttps://xakep.ru/2019/07/04/cve-2017-11774/", "creation_timestamp": "2019-07-04T19:35:24.000000Z"}, {"uuid": "5011274f-7d29-4fe6-b881-fb359c94d05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/haccking/11099", "content": "\u041d\u043e\u0432\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Specula \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 Outlook \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Windows\n\n#Outlook #C2 #RedTeam\n\nMicrosoft Outlook \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0432 C2 (\u043a\u043e\u043c\u0430\u043d\u0434\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440) \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b TrustedSec \u0434\u0430\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a Specula, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0438\u0433\u043e\u0434\u0438\u0442\u0441\u044f \u0434\u043b\u044f Red\u00a0Teaming.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, Specula \u0441\u043e\u0437\u0434\u0430\u0451\u0442 \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u0443\u044e \u0434\u043e\u043c\u0430\u0448\u043d\u044e\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 WebView \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2017-11774, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Outlook. \u042d\u0442\u0443 \u0431\u0440\u0435\u0448\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0435\u0449\u0451 \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2017 \u0433\u043e\u0434\u0430.\n\n\u00ab\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0436\u0435\u0440\u0442\u0432\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0435\u0433\u043e\u00bb, \u2014 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u043b\u0430 CVE-2017-11774 Microsoft.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e \u0447\u0442\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0443\u0441\u043b\u043e\u0432\u043d\u044b\u0439 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0434\u043e\u043c\u0430\u0448\u043d\u044e\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u0432 \u0440\u0435\u0435\u0441\u0442\u0440\u0435 Windows. \u042d\u0442\u043e \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0434\u0430\u0436\u0435 \u0441 \u0442\u0435\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0433\u0434\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0441\u0431\u043e\u0440\u043a\u0438 Office 365.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 TrustedSec, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u0432\u0448\u0438\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a Specula, \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u044e\u0442, \u0447\u0442\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 Outlook. \u0414\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u043e\u0439 \u0434\u043e\u043c\u0430\u0448\u043d\u0435\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b Specula \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u043a\u043b\u044e\u0447\u0438 \u0440\u0435\u0435\u0441\u0442\u0440\u0430, \u043e\u0431\u0440\u0430\u0449\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u043a \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 Python.\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u043e\u0439 URL \u0432 \u043a\u043b\u044e\u0447\u0435 \u0440\u0435\u0435\u0441\u0442\u0440\u0430 Outlook WebView \u2014HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\16.0\\Outlook\\WebView\\ \u2014 \u0438 \u0443\u043a\u0430\u0437\u0430\u0442\u044c \u0442\u0430\u043c \u0430\u0434\u0440\u0435\u0441 \u0441\u0432\u043e\u0435\u0433\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430.\n\n\u041d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u0443\u0434\u0443\u0442 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b VBscript, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 Windows.\n\n\u00ab\u041d\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0432\u0435\u043a\u0442\u043e\u0440 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0441\u043e\u0442\u0435\u043d \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u0418 \u044d\u0442\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00bb, \u2014 \u043f\u0438\u0448\u0435\u0442 TrustedSec.\n\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 GitHub.\n\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u0441\u0442\u0430\u0442\u044c\u044e.\n\nLH | \u041d\u043e\u0432\u043e\u0441\u0442\u0438 | \u041a\u0443\u0440\u0441\u044b | \u041c\u0435\u043c\u044b", "creation_timestamp": "2024-08-02T18:23:59.000000Z"}, {"uuid": "52e92f0e-6e30-41bb-866c-6b7b40d7a7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/SecLabNews/15454", "content": "Specula: \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Outlook \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\n\n\u26a0\ufe0f \u041d\u0430 \u0434\u043d\u044f\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f TrustedSec \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u043e\u0432\u044b\u0439 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 Microsoft Outlook, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0439 \u00abSpecula\u00bb. \u042d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f Outlook \u043a\u0430\u043a \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f (C2). \n\n\ud83d\udee1 \u041e\u0441\u043d\u043e\u0432\u043e\u0439 \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b Specula \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2017-11774, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 Microsoft \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 2017 \u0433\u043e\u0434\u0430. \u0414\u0430\u043d\u043d\u044b\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b Outlook \u0438 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043a\u0430\u0441\u0442\u043e\u043c\u043d\u0443\u044e \u0434\u043e\u043c\u0430\u0448\u043d\u044e\u044e \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f WebView. \n\n\ud83d\udcc4 \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u044b, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u041e\u0442\u043a\u0440\u044b\u0442\u0438\u0435 \u0442\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \n\n#cybersecurity #Outlook #Specula #Microsoft @SecLabNews", "creation_timestamp": "2024-07-31T12:33:53.000000Z"}, {"uuid": "2439bedf-ad9f-4308-92ec-bea205d2df77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/5d1c3fa4-8548-43ed-931c-48ed950d210f", "content": "", "creation_timestamp": "2019-07-03T05:40:32.000000Z"}, {"uuid": "d692e6fa-e1ef-4fc1-a68d-d855d8639d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "7cee6392-ad72-4abe-9312-ee07c6dd9e93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/9d0eb20e-4c0a-419c-89f2-dda290421705", "content": "", "creation_timestamp": "2020-10-09T14:49:49.000000Z"}, {"uuid": "349bdd63-73ab-433d-a1b2-ecee3a3d43e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/a5bb38c9-df8d-4a37-8d66-fd426ccb41aa", "content": "", "creation_timestamp": "2020-10-09T15:50:30.000000Z"}, {"uuid": "67b2051c-d84b-45bc-8574-be898672c625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/c0d2dd27-7f4a-4fc7-93cd-fff35b40f132", "content": "", "creation_timestamp": "2024-11-14T06:07:26.000000Z"}, {"uuid": "515cb23c-a708-422b-8126-93958036f4a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970989", "content": "", "creation_timestamp": "2024-12-24T20:22:43.742399Z"}, {"uuid": "668cddc7-9df5-44c5-ae83-f7e5bc72bd5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/ctinow/18665", "content": "Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)\n\nhttps://ift.tt/2tjDcU9", "creation_timestamp": "2019-12-16T18:09:24.000000Z"}, {"uuid": "e3ac44c0-24e1-4e26-b6b0-04b51c6da415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/CyberBulletin/226", "content": "\u26a1Specula\u2019s effectiveness lies in its exploitation of a known vulnerability (CVE-2017-11774). This vulnerability allows attackers to bypass Outlook\u2019s security measures and create custom homepages within the application. By modifying specific registry keys, these malicious homepages can be used to trigger the execution of VBScript files, granting attackers unauthorized access and control over your system.\n\n#CyberBulletin", "creation_timestamp": "2024-07-31T17:33:57.000000Z"}, {"uuid": "5073018e-8a38-4ef4-bdf3-2ffbbc98c8bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/b426aa9c-dc22-4a91-8213-f8d513405423", "content": "", "creation_timestamp": "2020-12-09T07:18:56.000000Z"}, {"uuid": "d936f43c-f6e1-4d3e-a956-ebd43ec2c9ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "847b06bd-31db-4ecf-89aa-1b5863d384a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/BleepingComputer/5401", "content": "Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert\n\nUS Cyber Command issued a malware alert on Twitter regarding the active exploitation of the CVE-2017-11774\u00a0Outlook vulnerability to attack US government agencies,\u00a0allowing the attackers to execute arbitrary commands on compromised systems. [...]\n\nhttps://www.bleepingcomputer.com/news/security/outlook-flaw-exploited-by-iranian-apt33-us-cybercom-issues-alert/", "creation_timestamp": "2019-07-03T19:40:21.000000Z"}, {"uuid": "e90dfc46-c56c-45a4-a2d3-6233cb788267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/CyberGovIL/521", "content": "\u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05d4\u05d7\u05e9\u05d5\u05d3\u05d4 \u05db\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e2\u05dc \u05d9\u05d3\u05d9 APT33\nhttps://www.gov.il/he/departments/publications/reports/apt33\n\n\u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4, \u05e4\u05e8\u05e1\u05dd \u05e4\u05d9\u05e7\u05d5\u05d3 \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05d0\u05de\u05e8\u05d9\u05e7\u05d0\u05d9 \u05de\u05d6\u05d4\u05d9\u05dd \u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05dc\u05ea\u05e7\u05d9\u05e4\u05d5\u05ea \u05d4\u05e2\u05d5\u05e9\u05d5\u05ea \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d9\u05e9\u05e0\u05d4 \u05d1\u05ea\u05d5\u05db\u05e0\u05ea Outlook \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 (CVE-2017-11774).\n\u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e9\u05d5\u05d9\u05db\u05d4 \u05dc\u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 APT33, \u05e2\u05dc \u05d9\u05d3\u05d9 \u05d7\u05d1\u05e8\u05ea \u05d0\u05d1\u05d8\u05d7\u05ea \u05d4\u05de\u05d9\u05d3\u05e2 Fireeye.", "creation_timestamp": "2019-07-08T11:23:42.000000Z"}, {"uuid": "8b0e12f7-0bb9-4fa0-884d-5b6980555e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "exploited", "source": "https://t.me/CyberGovIL/518", "content": "\u05dc\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4 \u05e4\u05e8\u05e1\u05dd \u05e4\u05d9\u05e7\u05d5\u05d3 \u05d4\u05e1\u05d9\u05d9\u05d1\u05e8 \u05d4\u05d0\u05de\u05e8\u05d9\u05e7\u05d0\u05d9 \u05de\u05d6\u05d4\u05d9\u05dd \u05e8\u05dc\u05d5\u05d5\u05e0\u05d8\u05d9\u05d9\u05dd \u05dc\u05ea\u05e7\u05d9\u05e4\u05d5\u05ea \u05d4\u05e2\u05d5\u05e9\u05d5\u05ea \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05d2\u05d9\u05e2\u05d5\u05ea \u05d9\u05e9\u05e0\u05d4 \u05d1\u05ea\u05d5\u05db\u05e0\u05ea Outlook \u05e9\u05dc \u05de\u05d9\u05e7\u05e8\u05d5\u05e1\u05d5\u05e4\u05d8 (CVE-2017-11774).\n\u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 \u05e9\u05d5\u05d9\u05db\u05d4 \u05e2\u05dc \u05d9\u05d3\u05d9 \u05d7\u05d1\u05e8\u05ea \u05d0\u05d1\u05d8\u05d7\u05ea \u05d4\u05de\u05d9\u05d3\u05e2 Fireeye \u05dc\u05e7\u05d1\u05d5\u05e6\u05ea \u05d4\u05ea\u05e7\u05d9\u05e4\u05d4 APT33.", "creation_timestamp": "2019-07-08T10:18:15.000000Z"}, {"uuid": "7acb2562-e457-4533-a1c7-bf8617ccdb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/ctinow/18276", "content": "Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)\n\nhttps://ift.tt/2RilV80", "creation_timestamp": "2019-12-04T11:05:29.000000Z"}, {"uuid": "bf7cc747-8e3d-4807-bb3e-9835ab4d479c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-11774", "type": "seen", "source": "https://t.me/arpsyndicate/1257", "content": "#ExploitObserverAlert\n\nCVE-2017-11774\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2017-11774. Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka \"Microsoft Outlook Security Feature Bypass Vulnerability.\"\n\nFIRST-EPSS: 0.862350000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T17:00:59.000000Z"}]}