Cybersecurity News in Asia

Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
- Featured
  
  What businesses need to know about SEO poisoning
  
  Tuesday, April 16, 2024, 4:55 PM Asia/Singapore | Features
News
- Featured
  
  How medical devices manufacturer Tuttnauer protects patient and personal-data safety
  
  Tuesday, April 23, 2024, 5:22 PM Asia/Singapore | Case Study, News
- Featured
  
  How much of automated internet traffic contains malicious activity?
  
  Monday, April 22, 2024, 9:02 AM Asia/Singapore | Cyberthreat Landscape, News, Newsletter
- Featured
  
  Large language models have their strengths and weaknesses: analysis
  
  Monday, April 22, 2024, 8:56 AM Asia/Singapore | News
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

Zero-day exploits found in IE 11 and latest versions of Windows 10

By CybersecAsia editors and webmaster webmaster | Friday, August 14, 2020, 1:15 PM Asia/Singapore

IE11 and in Windows 10 Exploits demonstrate the need to be proactive and vigilant in defending against unknown vulnerabilities in browsers and operating systems

Recently, a targeted attack on a South Korean company was investigated and found to involve a previously-unknown full chain consisting of two zero-day exploits.

The first exploit involved remote code execution for Internet Explorer 11: a “Use-After-Free” – a type of vulnerability that can enable full remote code execution capabilities. This exploit was assigned as CVE-2020-1380. Since Internet Explorer 11 works in an isolated environment, attackers needed more privileges on the infected machine. That is the reason for the second exploit.

The second exploit involved an elevation of privileges (EoP) exploit targeting the latest versions of Windows 10, using a vulnerability in the printer service. It allows attackers to execute arbitrary code on the target machine. This elevation of privileges (EoP) exploit was assigned as CVE-2020-0986.

According to Boris Larin, A Kaspersky security expert: “What is particularly interesting in the discovered attack is that the previous exploits we found were mainly about elevation of privileges. However, this case includes an exploit with remote code execution capabilities, which is more dangerous. Coupled with the ability to affect the latest Windows 10 builds, the discovered attack is truly a rare thing nowadays. It reminds us once again to invest into prominent threat intelligence and proven protective technologies to be able to proactively detect the latest zero-day threats.”

Kaspersky experts suspect, with a low level of confidence, that the attack is linked to the DarkHotel campaign based on weak similarities between the new exploit and previously-discovered exploits that are attributed to this threat actor.

Detailed information on Indicators of Compromise related to this group, including file hashes and C2 servers, can be accessed on Kaspersky Threat Intelligence Portal.

Patches for the EoP vulnerability CVE-2020-0986 and remote code execution vulnerability CVE-2020-1380 were released on 9 June and 11 August, 2020 respectively.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper
Fortanix Data Risk Management – Using Tokenization to Secure Your Data
In today's digital world, organizations prioritize data security. To protect sensitive information, they use tokenization, …Download Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

What businesses need to know about SEO poisoning

Featured

How medical devices manufacturer Tuttnauer protects patient and personal-data safety

Featured

How much of automated internet traffic contains malicious activity?

Featured

Large language models have their strengths and weaknesses: analysis

Zero-day exploits found in IE 11 and latest versions of Windows 10

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar