Bangladesh Cyber Security

Trend Micro Security’s RCE Vulnerability (Consumer)

The beauty of what we do here at Bangladesh Cyber Security, and how we do it, is that over time we tend to discover new, previously unknown vulnerabilities, which the industry refers to as 0-day vulnerabilities.

A manual assessment by domain-specific experts and skilled pentesters is closer to security research and often yields discoveries that were previously unknown, even to the manufacturer or product owner. An automated tool, by contrast, works within the parameters of its set algorithms and logic, scanning for known vulnerabilities listed in threat intelligence databases.

Microsoft has revealed the existence of a new zero-day vulnerability that affects a variety of Windows editions. This vulnerability (CVE-2021-40444) is currently being spread through fraudulent Office 365 documents, and it requires user interaction to trigger. It’s worth noting that Office documents acquired from the internet are opened in Protected View or Application Guard by default, both of which would protect against this attack.

If the attacker can persuade the victim to download the file and bypass any mitigation, the vulnerability will be exploited, resulting in the download and execution of a malicious file on the affected PC. This vulnerability is currently being leveraged to deliver Cobalt Strike payloads.
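One way to confirm on a workstation that the Protected View default described above is still in force, as an added example (not from the original article or from Microsoft). It assumes Office 2016 or later (registry version key `16.0`) and the current user's hive; the function names and the sample path are hypothetical.

```powershell
# Added example: audit the Protected View settings that CVE-2021-40444 mitigation relies on.
# Assumption: Office 2016/2019/365, which store settings under the "16.0" version key.

function Get-ProtectedViewFinding {
    param(
        [string[]]$Root = @('HKCU:\Software\Microsoft\Office\16.0',
                            'HKCU:\Software\Policies\Microsoft\Office\16.0'),
        [string[]]$App  = @('Word', 'Excel', 'PowerPoint')
    )
    # A value of 1 turns Protected View OFF for that source; absent or 0 keeps the default (on).
    $names = 'DisableInternetFilesInPV', 'DisableAttachmentsInPV', 'DisableUnsafeLocationsInPV'
    foreach ($r in $Root) {
        foreach ($a in $App) {
            $key   = Join-Path $r "$a\Security\ProtectedView"
            $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            foreach ($n in $names) {
                $raw = if ($props) { $props.$n } else { $null }
                [pscustomobject]@{
                    Key             = $key
                    Name            = $n
                    Value           = $raw
                    ProtectedViewOn = ($raw -ne 1)
                }
            }
        }
    }
}

function Get-FileZoneId {
    # Protected View is applied to files carrying the Mark of the Web
    # (Zone.Identifier alternate data stream). Returns the ZoneId, or $null if absent.
    param([Parameter(Mandatory)][string]$Path)
    $ads = Get-Content -LiteralPath $Path -Stream Zone.Identifier -ErrorAction SilentlyContinue
    $hit = $ads | Select-String -Pattern '^ZoneId=(\d+)' | Select-Object -First 1
    if ($hit) { [int]$hit.Matches[0].Groups[1].Value } else { $null }
}

# Report any source for which Protected View has been switched off.
Get-ProtectedViewFinding | Where-Object { -not $_.ProtectedViewOn } | Format-Table -AutoSize

# Hypothetical sample path: ZoneId 3 (Internet) or 4 (Restricted) means the file is marked.
$sample = "$env:USERPROFILE\Downloads\invoice.docx"
if (Test-Path -LiteralPath $sample) { "ZoneId for ${sample}: $(Get-FileZoneId -Path $sample)" }
```

An empty table from the first command means no Protected View source has been disabled for the current user; a downloaded document that returns no ZoneId will not be opened in Protected View on the basis of its origin.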

