MS13-051 / CVE-2013-1331 Office zero day patched by Microsoft

Here’s some info on the now-patched (as of June 11 2013) zero day that’s starting to come out.

MSFT advisory: http://technet.microsoft.com/en-us/security/bulletin/ms13-051

Details: http://blogs.technet.com/b/srd/archive/2013/06/11/ms13-051-get-out-of-my-office.aspx

Sample on VT from March 4 2013 (credit Eromang): https://www.virustotal.com/en/file/f854f057c5b7e5e9f863d94d0c81c1f8a2f1eac34dae900da52f6cadf98d923a/analysis/

And also a quick note that while no one submitted any CVE-2013-1331 samples to Cryptam before the public release, we would have detected the suspicious ScriptBridge reference in the above sample:
https://www.malwaretracker.com/docsearch.php?hash=714876fdce62371da08c139377f23d76

Update: @eromang has found samples of this exploit dating back to 2009, check out his blog post.

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips