Simple Cyber Defense

Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files


There has been a discovery of a new vulnerability effecting Windows OS from Windows 7 to Windows 10. Nabeel Ahmed of Trend Micro Zero Day Initiative discovered and reported an information disclosure vulnerability (CVE-2018-0878) in Windows Remote Assistance that could allow attackers to obtain information to further compromise the victim’s system.The vulnerability, which has been fixed by the company in this month’s patch Tuesday, resides in the way Windows Remote Assistance processes XML External Entities (XXE).

For more information on the issue go to: