Windows, IE11 zero-day vulnerabilities chained in targeted attack

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
An advanced threat actor exploited one of the two zero-day vulnerabilities that Microsoft patched on Tuesday in a targeted attack earlier this year.

The adversary chained two flaws in Windows, both unknown at the time of the attack, in an attempt to achieve remote code execution and increase their privileges on a compromised machine.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
The bad news is that IE is possibly the Achilles heel of Windows 10.
Microsoft recommends using Microsoft Edge as your default browser and supports Internet Explorer 11 for backward compatibility.
I can guess a majority here on MT already installed and use the latest Edge version, but in the case of IE11 I personally disabled it a long time ago as I don't use it/need it anyway.

 

Gandalf_The_Grey

I can guess a majority here on MT already installed and use the latest Edge version, but in the case of IE11 I personally disabled it a long time ago as I don't use it/need it anyway.

I also have IE 11 disabled through Windows Features, but it's still on the system.
For me, the interesting part from the Bleeping Computer article is:
While there is little data to determine the initial infection vector, Larin told BleepingComputer that “exploitation with a malicious Office document might be possible because MS Office uses IE to display web-content.”
And that seems to be true, because I don't have IE installed anymore, but CCleaner still cleans IE cookies.
 

upnorth

Yeah I saw the same, but I doubt MS Office Online does that or? :unsure: I even read Kaspersky's report and I didn't get more wise. 😅
 

Gandalf_The_Grey

Yeah I saw the same, but I doubt MS Office Online does that or? :unsure: I even read Kaspersky's report and I didn't get more wise. 😅
No, MS Office Online would use the engine from the browser you use to access it.
It's the regular installed Office and IMO especially Outlook that uses IE to display web-content (example is HTML formatted emails).
 
