Threat Research Blog

Two for One: Microsoft Office Encapsulated PostScript and Windows Privilege Escalation Zero-Days


FireEye recently uncovered an attack exploiting two previously unknown vulnerabilities, one in Microsoft Office (CVE-2015-2545) and another in Windows (CVE-2015-2546). Both vulnerabilities are patched this Tuesday because of Microsoft’s immediate response.

Read more about the attack and the vulnerabilities here.