welcome
About us
Newsletter
News Widget
Media Inquiries

Summary

State-backed hacking groups exploit Windows vulnerability

This is a North Korea news story, published by BleepingComputer, that relates primarily to ZDI-CAN-25373 news.

North Korea news

For more North Korea news, you can click here:

more North Korea news

ZDI-CAN-25373 news

For more ZDI-CAN-25373 news, you can click here:

more ZDI-CAN-25373 news

News about operating systems

For more operating systems news, you can click here:

more operating systems news

BleepingComputer news

For more news from BleepingComputer, you can click here:

more news from BleepingComputer

About the Otherweb

Otherweb, Inc is a public benefit corporation, dedicated to improving the quality of news people consume. We are non-partisan, junk-free, and ad-free. We use artificial intelligence (AI) to remove junk from your news feed, and allow you to select the best tech news, business news, entertainment news, and much more. If you like this article about operating systems, you might also like this article about

new Windows vulnerability

. We are dedicated to bringing you the highest-quality news, junk-free and ad-free, about your favorite topics. Please come every day to read the latest security patch news, Trend ZDI news, news about operating systems, and other high-quality news about any topic that interests you. We are working hard to create the best news aggregator on the web, and to put you in control of your news feed - whether you choose to read the latest news through our website, our news app, or our daily newsletter - all free!

Windows vulnerability
BleepingComputer

BleepingComputer

Technology

Technology

New Windows zero-day exploited by 11 state hacking groups since 2017

BleepingComputer
Summary
Nutrition label

82% Informative

At least 11 state-backed hacking groups from North Korea , Iran , Russia , and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017 .

Microsoft has yet to assign a CVE-ID to this vulnerability, Trend Micro is tracking it internally as ZDI-CAN-25373 and said it enables attackers to execute arbitrary code on affected Windows systems.

The vulnerability is caused by a User Interface (UI) Misrepresentation of Critical Information (CWE-451) weakness.

While the UI experience described in the report does not meet the bar for immediate servicing under our severity classification guidelines, we will consider addressing it in a future feature release. Based on an analysis of 14 M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them..

VR Score

77

Informative language

74

Neutral language

59

Article tone

formal

Language

English

Language complexity

68

Offensive language

not offensive

Hate speech

not hateful

Attention-grabbing headline

not detected

Known propaganda techniques

not detected

Time-value

short-lived

External references

7

https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.htmlhttps://documents.trendmicro.com/assets/txt/Figure-1-Data---ZDI-CAN-25373-blogcU9ZZ2p.txthttps://x.com/TrendMicroRSRCH/status/1902004483514667139https://cwe.mitre.org/data/definitions/451.htmlhttps://hubs.li/Q039Tm490https://protect.checkpoint.com/v2/r01/___https://www.microsoft.com/en-us/msrc/olsbugbar___.YzJ1OndlY29tbXVuaWNhdGlvbnM6YzpvOjI2ZjEyYjM5ZTM0Y2IzODE3MmIwNGU4MzZlZTAxNjM2Ojc6MTE4NjpiZmFkZDNmMDg3ZTI0NWMwYmUwY2QzMmU0OGViNWE3NzA2MmFiYWE0YmFmZmRiMjUyZWJiZWYwMmUzNjVmYzMxOmg6VDpGhttps://www.zerodayinitiative.com/advisories/ZDI-25-148/

Source diversity

7

www.trendmicro.comdocuments.trendmicro.comx.comcwe.mitre.orghubs.liprotect.checkpoint.comwww.zerodayinitiative.com

Affiliate links

no affiliate links

Read full article

Small business owner?

Otherweb launches Autoblogger—a revolutionary way to bring more leads to any small business, using the power of AI.

Powered by Otherweb