Misplaced Pages

GooseEgg

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Software vulnerability in Microsoft Windows

GooseEgg is the name used by Microsoft to describe an exploit tool used by the Russian hacking group Forest Blizzard (also known as Fancy Bear and other names) to exploit CVE-2022-38028, a software vulnerability in Microsoft Windows. The vulnerability is a flaw in the Windows print spooler that grants high privilege access to an attacker.

In April 2024, it was revealed that CVE-2022-38028 had for some time been being exploited in an ongoing cyberattack program. While Microsoft had patched the vulnerability in 2022, they did not disclose at the time that it had been being actively exploited since at least 2020, and possibly earlier.

References

  1. Intelligence, Microsoft Threat (2024-04-22). "Analyzing Forest Blizzard's custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials". Microsoft Security Blog. Retrieved 2024-04-23.
  2. ^ Zorz, Zeljka (2024-04-23). "Russian hackers' custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)". Help Net Security. Retrieved 2024-04-23.
  3. Goodin, Dan (2024-04-22). "Windows vulnerability reported by the NSA exploited to install Russian malware". Ars Technica. Retrieved 2024-04-23.
Hacking in the 2020s
← 2010s Timeline 2030s →
Major incidents
2020
2021
2022
2023
2024
Groups
Individuals
Major vulnerabilities
publicly disclosed
Malware
2020
2021
2022


Stub icon

This computer security article is a stub. You can help Misplaced Pages by expanding it.

Categories: