Two Microsoft Edge Bugs Integrated by Sundown EK Authors

Microsoft has been advertising Microsoft Edge as the most secure browser, but is this really true?

CVE-2016-7200 and CVE-2016-7201 are two vulnerabilities found in the Chakra JavaScript engine in Edge. They were reported last November and fixed by Microsoft. One would think that the story ends here, but it doesn’t.

CVE-2016-7200 and CVE-2016-7201 Integrated by Sundown EK

It’s now known that the so-called “twin bugs” have been integrated by the authors of the Sundown exploit kit, thanks to a security company’s proof-of-concept. This leaves users of Microsoft Edge exposed to a range of malicious attacks. Nonetheless, Windows users shouldn’t panic too much, as Edge applies patches automatically.

This means that a smaller number of users may be affected. Fortunately, the improved exploit mitigations in Windows 10 should prevent malicious attempts from becoming successful attacks.

However, the Edge Chakra JavaScript exploit is expected to be incorporated into other exploit kits. Let’s not forget that zero-days and freshly discovered bugs are favorite specialties on the malware market. Malware researcher Kafeine was the one who reported the use of CVE-2016-7200 and CVE-2016-7201 by the Sundown authors. They were taken from a proof-of-concept recently released by US security startup Theori.

As we already wrote, the Sundown exploit kit’s latest activity was detected on December 27, 2016, when attackers used PNG images to store the harvested information and the exploit code. In September’s attacks, which delivered the CryLocker ransomware as the payload, PNG files were also used to pack harvested user information. The images were then uploaded to an Imgur album so that cybercriminals could avoid detection. Researchers also uncovered that the exploit code within the PNG image included an exploit targeting the CVE-2015-2419 vulnerability.

Protection Against Sundown Exploit Kit and Other EKs

Exploit kits have been used on an industrial scale. They are automated toolkits that scan a user’s web browser and analyze it for flaws to leverage before delivering the malicious payload. This means your browser should always be fully patched – never underestimate the importance of security updates. Users should install security fixes for all their software as soon as patches are released.

In case a patch is not yet released, an attack relying on this vulnerability can still be deflected by up-to-date anti-malware software. Most such programs will detect and intercept the exploits attempting to take advantage of a flaw.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.
