Microsoft¤Ï¤³¤Î¤Û¤É¡¢¡ÖStorm-0978 attacks reveal financial and espionage motives¡ÃMicrosoft Security Blog¡×¤Ë¤ª¤¤¤Æ¡¢¥è¡¼¥í¥Ã¥Ñ¤ª¤è¤ÓËÌÊƤÎËɱҤª¤è¤ÓÀ¯Éܵ¡´Ø¤òÁÀ¤¦¥Õ¥£¥Ã¥·¥ó¥°¥­¥ã¥ó¥Ú¡¼¥ó¤òÆÃÄꤷ¤¿¤ÈÅÁ¤¨¤¿¡£¡ÖStorm-0978¡×(ÊÌ̾DEV-0978¡¢RomCom)¤È¸Æ¤Ð¤ì¤ë¶¼°Ò¥°¥ë¡¼¥×¤Ë¤è¤ë¥­¥ã¥ó¥Ú¡¼¥ó¤¬È¯¸«¤µ¤ì¤Æ¤ª¤ê¡¢CVE-2023-36884¤È¤·¤ÆÄÉÀפµ¤ì¤Æ¤¤¤ëÀȼåÀ­¤¬ÀѶËŪ¤Ë°­ÍѤµ¤ì¤Æ¤¤¤ë¤³¤È¤¬¤ï¤«¤Ã¤¿¡£

Storm-0978 attacks reveal financial and espionage motives¡ÃMicrosoft Security Blog

Storm-0978¤Ï¥í¥·¥¢¤òµòÅÀ¤È¤¹¤ë¥µ¥¤¥Ð¡¼ÈȺᥰ¥ë¡¼¥×¡£¥é¥ó¥µ¥à¥¦¥§¥¢¤ò»ÈÍѤ·¤¿¥µ¥¤¥Ð¡¼ÈȺá¤Î¤Û¤«¡¢ÄµÊó³èÆ°¤Î»Ù±ç¤òÌÜŪ¤È¤·¤¿É¸Åª·¿Ç§¾Ú¾ðÊó¼ý½¸¥­¥ã¥ó¥Ú¡¼¥ó¤òŸ³«¤¹¤ë¤³¤È¤ÇÃΤé¤ì¤Æ¤¤¤ë¡£¡ÖRomCom¡×¤È¸Æ¤Ð¤ì¤ë¥Ð¥Ã¥¯¥É¥¢¤Î³«È¯¡¦ÇÛÉÛ¡¦Áàºî¤ò¹Ô¤Ã¤Æ¤¤¤ë¤³¤È¤Ç¤âÃΤé¤ì¤Æ¤¤¤ë¡£

Storm-0978¤Ë¤è¤ë¥µ¥¤¥Ð¡¼¹¶·â¤Ï¡¢¼ç¤Ë¥È¥í¥¤¤ÎÌÚÇϲ½¤·¤¿Àµµ¬¥½¥Õ¥È¥¦¥§¥¢¤ò»ÈÍѤ·¤ÆÁÈ¿¥¤Ë¿¯Æþ¤·¡¢RomCom¤ò¥·¥¹¥Æ¥à¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤»¤ë¤³¤È¤«¤é»Ï¤Þ¤ë¡£ºÇ¿·¤Î¥­¥ã¥ó¥Ú¡¼¥ó¤Ç¤Ï¡¢CVE-2023-36884¤ò°­ÍѤ·¤ÆRomCom¤ËÎà»÷¤·¤¿¥Ð¥Ã¥¯¥É¥¢¤òÇÛ¿®¤¹¤ë¥Õ¥£¥Ã¥·¥ó¥°¹¶·â¤òŸ³«¤·¤Æ¤¤¤ë¤³¤È¤¬¤ï¤«¤Ã¤¿¡£

¼ç¤Ë¥¦¥¯¥é¥¤¥Ê¤ÎÀ¯ÉÜÁÈ¿¥¤ä·³»öÁÈ¿¥¡¢¥¦¥¯¥é¥¤¥ÊÌäÂê¤Ë´ØÍ¿¤¹¤ë¥è¡¼¥í¥Ã¥Ñ¤äËÌÊƤÎÁÈ¿¥¤ËÂФ¹¤ëɸŪ·¿¹¶·â¤È¤ß¤é¤ì¤Æ¤ª¤ê¡¢ÆäËÅŵ¤ÄÌ¿®¶È³¦¤ä¶âÍ»¶È³¦¤Ê¤É¤Ë±Æ¶Á¤òÍ¿¤¨¤Æ¤¤¤ë¤ÈÊó¹ð¤µ¤ì¤Æ¤¤¤ë¡£

CVE-2023-36884¤Ï¥ê¥â¡¼¥È¥³¡¼¥É¼Â¹Ô(RCE: Remote Code Execution)¤ÎÀȼåÀ­¤Ç¡¢°­°Õ¤Î¤¢¤ëMicrosoft Office¥É¥­¥å¥á¥ó¥È¤È¤³¤Î·ç´Ù¤ò°­ÍѤ¹¤ë¤³¤È¤Ç¥ê¥â¡¼¥È¥³¡¼¥É¤òÉÔÀµ¤Ë¼Â¹Ô¤¹¤ë¤³¤È¤ò²Äǽ¤Ë¤·¤Æ¤¤¤ë¡£CVE-2023-36884¤Ë´Ø¤·¤Æ¤ÏMicrosoft¤«¤é´ËϺö¤¬¸ø³«¤µ¤ì¤Æ¤ª¤ê¡¢Windows¤ª¤è¤ÓOffice¥æ¡¼¥¶¡¼¤ÏÆâÍƤò³Îǧ¤¹¤ë¤È¤È¤â¤Ë´ËϺö¤ò¼Â»Ü¤¹¤ë¤³¤È¤¬¿ä¾©¤µ¤ì¤Æ¤¤¤ë(»²¹Í¡Ö2023ǯ7·î¥Þ¥¤¥¯¥í¥½¥Õ¥È¥»¥­¥å¥ê¥Æ¥£¹¹¿·¥×¥í¥°¥é¥à¤Ë´Ø¤¹¤ëÃí°Õ´­µ¯¡×)¡£