This uses a variety of cookies, which you agree to if you continue to use this site. You can read our privacy policy to learn more about how these cookies are used and to grant or withdraw your consent to certain types of cookies. Accept and reject this banner by clicking OK.
By Jessica Davis
August 12, 2020- The Department of Homeland Security’s cybersecurity and infrastructure security company has alerted two Microsoft software updates. The latest patch fixes an identity theft vulnerability and a remote code execution vulnerability (CER) last active operation.
The CVE-2020-1380 RCE flaw is discovered in the way the script engine processes items in Internet Explorer memory, which may be corrupted in a way that would give an attacker the ability to execute arbitrary code while appearing as an existing user.
In fact, a successful feat would give a hacker the same user rights as the existing user. As such, if the existing user is connected with administrative rights, the exploit would allow an attacker to take the affected formula and then install formulas and view, edit or delete data, as well as create new user accounts with a full user. Rights.
“In an Internet attack scenario, an attacker can host a specially designed Internet site to exploit the Internet Explorer vulnerability and then convince the user to stop at the website,” the researchers explained.
“An attacker can also integrate an ActiveX marked ‘safe to boot’ into a Microsoft Office application or document that hosts the IE rendering engine, they added.” The attacker can also take advantage of compromised Internet sites and Internet sites that settle for or host user-provided content or advertisements. These Internet sites may include specially designed content that can also exploit the vulnerability. “
The Microsoft solution fixes the failure by converting the memory is controlled through the script engine. The vulnerability can be discovered in Windows 10, Windows 7, Windows 8.1, Windows Server 2008, and Windows Server 2012.
The flaw has been effectively exploited, so organizations want to prioritize patches to be attacked. Microsoft has not known workarounds or other mitigation methods.
Microsoft also released a patch for an indexed identity theft vulnerability such as CVE-2020-1464, which exists when Windows incorrectly validates log signatures. A successful feat would allow an attacker to bypass security to upload missed records.
“In an attack scenario, an attacker can simply bypass security features designed to prevent the upload of badly signed files,” the alert says.
The vulnerability can be discovered in Windows 10, Windows 7, and Windows 8.1, such as Windows Server 2008, Server 2012, Server 2016, Server 2019, and versions 1903, 1909, and 2004.
Microsoft has not known any mitigation points or workarounds for the failure, which means that the solution will need to be prioritized to avoid exploitation, as it is in operation lately.
System vulnerabilities are a key access point for various hacker groups, especially those involved in ransomware threats. In June, an examination through Palo Alto Network Unit 42 showed that a new malware crusade known as Lucifer actively targets a multitude of critical and high-risk vulnerabilities not corrected in Windows to release cryptojacking and denial-of-service attacks.
The FBI had warned in the past that, due to the accumulation of ransomware attacks, hackers were increasingly targeting remote desktop vulnerabilities and software vulnerabilities to infect organizations.
In particular, NetWalker targets vulnerable Pulse Secure Virtual Personal Networks (VPNs). Over the next week, hackers have released information allegedly stolen from various vendors and a device manufacturer.
Organization TypeSelect an Accounting Organization Auxiliary Clinical Services Provider Federal/State/Municipal Health Agency/Medical Center/Multi-Hospital System/IDN Patient Center Payer/Insurance Company/Managed/Pharmaceutical Care Organization/Biotechnology/Biomedical Medical Practice Company/ Physician Group Qualified Care Facility Vendeur
See our policy
Enter your email to get a link to reset your password
BEC phishing campaigns prevent multi-factor authentication and target Office 365 accounts
SIGN UP and exclusive articles, technical reports, webcasts and interviews for the loose
Organization TypeSelect an Accounting Organization Auxiliary Clinical Services Provider Federal/State/Municipal Health Agency/Medical Center/Multi-Hospital System/IDN Patient Center Payer/Insurance Company/Managed/Pharmaceutical Care Organization/Biotechnology/Biomedical Medical Practice Company/ Physician Group Qualified Care Facility Vendeur