Comments
Hackers have leveraged zero-day vulnerabilities in Windows OS and Internet Explorer to carry out targeted cyber attacks, according to a recent report by cybersecurity firm Kaspersky.
Earlier this year, the security firm claimed to have detected and stopped a targeted attack on a South Korean company.
“Closer analysis revealed that this attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer 11 and an elevation of privileges (EoP) exploit for Windows. The latter was targeting the latest versions of Windows 10,” Kaspersky said in its report.
A zero-day vulnerability is a software bug that hackers can use to target specific users.
“Once discovered, they make it possible to conduct malicious activities discreetly, causing serious and unexpected damage,” said the firm.
Researchers at Kaspersky discovered two such vulnerabilities while researching said cyber attack. One of the vulnerabilities found in Internet Explorer is a Use-After-Free. The vulnerability can help hackers gain remote access to a system to execute a particular code. This exploit was assigned as CVE-2020-1380.
Hackers, however, need more privileges to attack a system through Internet Explorer as the browser works in an isolated environment. For this, they exploited a second vulnerability found in Windows which allows them to execute arbitrary code on the victim’s machine. This elevation of privileges (EoP) exploit was assigned as CVE-2020-0986, as per the report.
“What is particularly interesting in the discovered attack is that the previous exploits we found were mainly about elevation of privileges. However, this case includes an exploit with remote code execution capabilities which is more dangerous. Coupled with the ability to affect the latest Windows 10 builds, the discovered attack is truly a rare thing nowadays. It reminds us once again to invest into prominent threat intelligence and proven protective technologies to be able to proactively detect the latest zero-day threats,” said Boris Larin, security expert at Kaspersky.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.