Microsoft urgently fixed 0-day vulnerabilities in IE and Microsoft Defender

by Brendan Smith
September 25, 2019
Microsoft fixed 0-day vulnerabilities
Written by Brendan Smith

Microsoft developers released emergency patches for problems CVE-2019-1367 and CVE-2019-1255, thereby eliminating two 0-day vulnerabilities: in the scripting engine of Internet Explorer and Microsoft Defender.

The most serious of these two problems is the vulnerability in Internet Explorer, since it allows remote execution of arbitrary code in the context of the current user, and it is already exploited by attackers.

“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user”, — reported in a Microsoft message.

Microsoft has not yet released details about this vulnerability. It is said that the problem is present at least in IE 9-11, and to implement the attack, the attacker just needs to lure the user of the vulnerable version of Internet Explorer to a malicious site.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email”, — report in Microsoft.

Interestingly, judging by the security bulletin, for now, Windows users will have to download the patch from the Microsoft Update Catalog and manually launch it on their systems.

Through Windows Update, a fix is not yet available.

Google experts discovered the problem in Internet Explorer. Recalling, same experts recently revealed attacks on iPhone users, and then was reported about unknown attackers, which used similar tactics against Android and Windows users. However, it is not yet clear whether the 0-day bug discovered by researchers in IE is related to those attacks.

Read also: Microsoft has fixed two new vulnerabilities that are similar to BlueKeep

Vulnerability in Microsoft Defender (formerly Windows Defender), in turn, is a denial of service (DoS) problem.

Fortunately, in order to exploit this vulnerability, an attacker would first need to gain access to the victim’s system and find a way to execute the code. If these conditions are met, the bug allows the attacker to disable Microsoft Defender components, however, if the attacker already has rights to execute the code on the victim’s computer, he can use many other methods for invisibly executing malicious code, for example, fileless attacks.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Brendan Smith

I'm Brendan Smith, a passionate journalist, researcher, and web content developer. With a keen interest in computer technology and security, I specialize in delivering high-quality content that educates and empowers readers in navigating the digital landscape.

With a focus on computer technology and security, I am committed to sharing my knowledge and insights to help individuals and organizations protect themselves in the digital age. My expertise in cybersecurity principles, data privacy, and best practices allows me to provide practical tips and advice that readers can implement to enhance their online security.

View all posts

Leave a Reply

Sending