More from Haifei Li

McAfee Labs

Analyzing Microsoft Office Zero-Day Exploit CVE-2017-11826: Memory Corruption Vulnerability

McAfee Labs has performed frequent analyses of Office-related threats over the years: In 2015, we presented research on the Office...

McAfee Labs

Critical Office Zero-Day Attacks Detected in the Wild

At McAfee, we have put significant efforts in hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we...

McAfee Labs

Patch Now: Simple Office ‘Protected View’ Bypass Could Have Big Impact

Protected View is a security feature of Microsoft Office. According to research from MWR Labs, Protected View mode is a strong...

McAfee Labs

Threat Actors Employ COM Technology in Shellcode to Evade Detection

COM (Component Object Model) is a technology in Microsoft Windows that enables software components to communicate with each other; it...

McAfee Labs

Threat Actors Use Encrypted Office Binary Format to Evade Detection

This blog post was written in conjunction with Xiaoning Li. Microsoft Office documents play an important role in our work...

McAfee Labs

McAfee Adds Flash Exploit Detection to NSP 8.2

Adobe Flash vulnerabilities and exploits have worried users and security professionals for many years. The situation today remains serious. A...

Internet Security Privacy & Identity Protection

Bypassing Microsoft’s Patch for the Sandworm Zero Day

This is the second part of our analysis of the Sandworm OLE zero-day vulnerability and the MS14-060 patch bypass. Check out...

McAfee Labs

Bypassing Microsoft’s Patch for the Sandworm Zero Day, the Root Cause

On October 21, we warned the public that a new exploitation method could bypass Microsoft’s official patch (MS14-060, KB3000869) for...

McAfee Labs

New Exploit of Sandworm Zero-Day Could Bypass Official Patch

Update of October 25: Some comments posted after we published this report suggest that our proof-of-concept exploit will trigger the...

Internet Security Security News Privacy & Identity Protection

Dropping Files Into Temp Folder Raises Security Concerns

Recently, the McAfee Advanced Exploit Detection System (AEDS) has delivered some interesting RTF files to our table. These RTFs have...

Subscribe to McAfee Securing Tomorrow Blogs