Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Patches OLE Zero-Day Vulnerability

Posted by Soulskill on from the putting-right-what-once-went-wrong dept.

msm1267 writes: Microsoft today released a patch for a zero-day vulnerability under active exploit in the wild. The vulnerability in OLE, or Microsoft Windows Object Linking and Embedding, enables a hacker to remotely execute code on an infected machine, and has been linked to attacks by the Sandworm APT group against government agencies and energy utilities. Microsoft also issued a massive Internet Explorer patch, but warned organizations that have deployed version 5.0 of its Enhanced Mitigation Experience Toolkit (EMET) to upgrade to version 5.1 before applying the IE patches. Version 5.1 resolves some compatibility issues, in addition to several mitigation enhancements.

1 of 37 comments (clear)

  1. Re:why is it red? by Anonymous Coward · · Score: 4, Funny

    why is it red?

    Comments are disabled to allow Microsoft time to assemble a team of Social Media Manglers (SMMs). Their job is to ensure discussion of yet another failure is framed so as to minimize the harm to their client's reputation.

    It's part of Microsoft's TOS with the very dicey new Slashdot.