ClearSky Cyber Security has uncovered a user interface (UI) vulnerability in Microsoft Windows that is currently being exploited by a sophisticated threat actor known as Mustang Panda, a group believed to be affiliated with Chinese state interests. When users extract files from these RAR archives, the files become hidden from view within the Windows Explorer graphical user interface, leading to an apparent empty folder scenario. This vulnerability becomes particularly dangerous because it allows attackers to execute these hidden files through command-line prompts if the exact file path is known. “Threat actors or users can also execute those compressed files from a command line prompt, if they know the exact path” ClearSky stated. This invisibility extends to the command line interface, where using the “dir” command does not reveal these hidden files or folders, effectively making them invisible. ClearSky Cyber Security has discovered a UI vulnerability in Microsoft Windows. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. ClearSky Cyber Security has yet to release more detailed information in an upcoming blog post, which will likely include mitigation strategies and further analysis of the vulnerability’s impact.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Feb 2025 20:20:24 +0000