When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
This flaw was apparently used by a threat actor known as Void Banshee to deploy the Atlantidainfostealer.
In the attack, the crooks would first create a malicious .HTA file.
(Image credit: Shutterstock)
Deploying the .HTA file to the rig was done through a weaponized shortcut file (.URL).
This file was most likely delivered with phishing, or social engineering.
The bug was fixed with the latest Patch Tuesday update.
