Serviceteam IT Security News

There is no word on which threat actor is abusing the severe vulnerability for attacks

Microsoft is urging Windows users to install an emergency security patch to address a critical vulnerability that affects multiple versions of Internet Explorer (IE) and is under active exploitation by unspecified bad actors.

The company’s advisory notes that the zero-day, listed as CVE-2019-1367, is a remote code execution vulnerability that has to do with how the browser’s scripting engine handles objects in memory. It affects IE versions 9, 10 and 11.

If exploited, the security hole could allow remote attackers to run malicious code on the affected system, giving them the same privileges as those of the current user. If the user is logged in with admin rights, the attackers could take complete control of the system to install malware, steal or tamper with data, and set up accounts with full user rights.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email,” said Microsoft. The bug has also prompted a warning from the United States’ Cybersecurity and Infrastructure Security Agency (CISA).

IE users are advised to install the updates post-haste. To do so, some user action is needed, such as by following the links to the update packages that are listed in the advisory. Microsoft has also issued temporary workarounds for users who cannot implement the fixes promptly. Various statistics put the market share of the browser’s eleventh version at between 2.6 percent and 7 percent.

The IE bug isn’t the only issue that Microsoft is fixing this week and separately from the usual security update cycle known as Patch Tuesday. Also being patched is a denial-of-service flaw that affects Windows Defender. The latter bug, designated as CVE-2019-1255, is not as severe and there are no known cases of it being actively exploited for attacks. No user action is required to plug this hole, as the update will be shipped automatically within a few days.

Source: HERE

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!