Security News Remote Code Execution Vulnerability Disclosed in Windows JScript Component

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/remote-code-execution-vulnerability-disclosed-in-windows-jscript-component/
A vulnerability exists in the Windows operating system's JScript component that can allow an attacker to execute malicious code on a user's computer.


Responsible for discovering this bug is Dmitri Kaslov of Telspace Systems, who passed it along to Trend Micro's Zero-Day Initiative (ZDI), a project that intermediates the vulnerability disclosure process between independent researchers and larger companies.

ZDI experts reported the issue to Microsoft back in January, but Microsoft has yet to release a patch for this vulnerability. Yesterday, ZDI published a summary containing light technical details about the bug.

JScript bug leads to RCE

According to this summary, the vulnerability allows remote attackers to execute malicious code on users' PCs.

Because the vulnerability affects the JScript component (Microsoft custom implementation of JavaScript), the only condition is that the attacker must trick the user into accessing a malicious web page, or download and open a malicious JS file on the system (typically executed via the Windows Script Host —wscript.exe).
....
.....
...
Click to expand...

Flaw does not lead to full system compromise

Gorenc told us the vulnerability is not as dangerous as it sounds, as it does not allow a full system compromise.

"The flaw only allows code execution within a sandboxed environment," Gorenc said. "An attacker would need additional exploits to escape the sandbox and execute their code on the target system."
The vulnerability has received a 6.8 rating out of 10 on the CVSSv2 severity scale, which is a pretty high score, when compared to most vulnerabilities.

Microsoft is working on a patch

According to Gorenc, a patch is coming. "To the best of our knowledge, Microsoft does still intend to release a fix for this bug. However, they did not complete the fix within the timelines set out in our disclosure policy."
...
....
Click to expand...
 
  • Like
Reactions: silversurfer, harlan4096, Fel Grossi and 1 other person
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
Replies
0
Views
1,253
News Archive
[correlate]
[correlate]
[correlate]
    • Like
    • +Reputation
Millions of Exim mail servers exposed to zero-day RCE attacks
Replies
0
Views
1,352
News Archive
[correlate]
[correlate]
CyberPanther
    • Like
New Update ESET patches High-Severity Privilege Escalation Vulnerability
Replies
0
Views
1,451
ESET
CyberPanther
CyberPanther

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top