Overnight, Trend Micro’s research teams identified a new attack in the ongoing Pawn Storm campaign that is focused on high-profile, sensitive targets. The Trend Micro™ Smart Protection Network™ has enabled us to identify email messages targeting a NATO member as well as a US defense organization.
This latest Pawn Storm attack is also notable because it is being carried out using a new, unpatched vulnerability against Oracle’s Java, making this the first known zero-day attack against Java since 2013. The attack leverages a three-year-old vulnerability in Microsoft Windows Common Controls CVE-2012-015 which is addressed in MS12-027.
Our researchers have reported this vulnerability to Oracle and are working with them to address it.
Until a patch is available, we recommend disabling Java. For additional information, you can also view our write-up on how to better protect yourself when using Java: How to Use Java – If You Must.
We will continue to monitor this situation and provide updates when we have them.
For additional information, click here.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.