New Attack Technique Exploits Microsoft Management Console Files
25-June-24
Threat actors are exploiting a new attack technique, GrimResource, using specially crafted Microsoft Management Console (MMC) files to achieve full code execution and evade security defenses. This method leverages a vulnerability in the MMC library and can bypass security measures like disabled Office macros. The technique uses a cross-site scripting (XSS) flaw in the apds.dll library to execute JavaScript code, facilitating malware delivery and system takeover.
