Shulou(Shulou.com)11/24 Report--

CTOnews.com news on August 4, according to foreign science and technology media bleepingcomputer reports, some hackers abused Microsoft's legitimate LOLBAS file format, used Microsoft Outlook e-mail client and Access database to manage installation packages, and distributed malicious software.

The full name of the LOLBAS file format is Living-off-the-Land Binaries and Scripts and is usually described as a signature file native to the Windows operating system or downloaded from Microsoft.

Hackers abuse LOLBAS files to download and run all kinds of malicious programs without triggering the defense mechanism of Win10 and Win11 systems.

Security researcher Nir Chako recently investigated the Microsoft Office suite installation package and found three LOLBAS files named MsoHtmEd.exe,MSPub.exe and ProtocolHandler.exe.

Because these files conform to the LOLBAS standard, they can act as downloaders for third-party files. Through in-depth investigation, the researchers found a total of 11 new files with download and execution functions:

CTOnews.com is here to attach a link to a detailed report, which interested users can click to read.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.