NeedleDropper malware leverages a memory corruption flaw in Microsoft to disseminate

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A new dropper strain dubbed NeedleDropper is used to distribute multiple malware families. The dropper attempts to obfuscate by dumping numerous useless, invalid files and storing critical data within several MB of irrelevant data, and it also uses credible applications to execute.