CVE-2015-2545 Still Being Exploited, Still Can’t Get Past Morphisec

Posted by Morphisec Team on May 31, 2016 11:04:12 PM
Morphisec Team
Find me on:

CVE-2015-2545_spinning.jpg

CVE-2015-2545 is the vulnerability that just keeps on giving. First spotted in August 2015, in a targeted attack by the Platinum Group, it allows attackers to bypass system memory protections via a malicious EPS image file embedded in a Microsoft Office document. Morphisec’s Michael Gorelik published a detailed technical analysis at the PostScript Abstraction Level back in February, when it popped up again in connection with attacks against Indian governmental agencies.


Microsoft patched the flaw in November 2015, but cyber criminals and APT groups continue to successfully use the exploit to gain a foothold in targeted systems. Not surprising given the difficulties many organizations have keeping up with patching. Kaspersky Labs recently reported that the use of the CVE-2015-2545 is increasing, in new variants that go undetected by most antivirus systems, as part of increasingly sophisticated attacks.

Morphisec customers have no reason to worry. In any variant, Morphisec stops the attack at the very beginning of the killchain. It’s almost anti-climactic: The attackers work so hard to create a clever chain of events but they never even get off the ground.

Enjoy the brief action in this real-time video and catch a glimpse of the recently released version of our management console.

 

 

New Call-to-action

Topics: Exploits, Product, Attacks, cybersecurity

Welcome to our Blog

Keeping you in the loop with company updates, industry insight, cyber security trends, and cyber attack information.

Subscribe to the blog

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....