06 Jan MS Word subDoc Used to Steal User Account Credentials
Security researchers at Rhino Labs recently discovered that a Microsoft feature called subDoc can be used to extract NTLM hashes from Windows machines. The subDoc feature allows Word files to load sub-documents from a master document. In one scenario, attackers can use subDoc to load a...