
CVE-2019-1367: Zero-Day in Internet Explorer, Patch Now

CVE-2019-1367 is a new zero-day remote code execution vulnerability, for which an emergency patch was just issued.

The bug could allow attackers to perform remote attacks with the purpose of gaining access to a system. The vulnerability is a scripting engine memory corruption issue, which was discovered by Clément Lecigne of Google’s Threat Analysis Group.




CVE-2019-1367: Technical Details

Here’s the official description of CVE-2019-1367:

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

It should be noted that if the user is logged in with admin rights, the attacker could take control of the entire system. This could lead to various outcomes, including the installation of programs and the alteration or deletion of data.

Related:
Two zero-day vulnerabilities were fixed in Microsoft's September 2019 Patch Tuesday - CVE-2019-1214 and CVE-2019-1215, both exploited in the wild.
Microsoft Patches CVE-2019-1214, CVE-2019-1215 Zero-Day Flaws

An attack based on the CVE-2019-1367 exploit could be launched via email (malspam) or by tricking the user into visiting a maliciously crafted website. It should be mentioned that the targeted browser is Internet Explorer, which continues to be used by a large userbase. Furthermore, spam and malware campaigns take place daily, so applying the emergency patch for CVE-2019-1367 should be done immediately.

CVE-2019-1255

This is not the only issue that Microsoft is addressing. The second vulnerability, CVE-2019-1255, is located in Microsoft Defender. Fortunately, the bug is not as serious as the other one. Attackers could leverage the issue to prevent legitimate accounts from executing legitimate system binaries, Microsoft explained.

Even though CVE-2019-1255 is not critical, a patch should be applied. The issue is fixed in v1.1.16400.2 of the Microsoft Malware Protection Engine, which is a component of the Microsoft Defender antivirus. The vulnerability was discovered by Charalampos Billinis of F-Secure Countercept and Wenxu Wu of Tencent Security Xuanwu Lab.
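
One way to check hosts for the fixed engine version, as an added example that is not part of the original article: it reads the engine version with the Defender module's Get-MpComputerStatus cmdlet and compares it with 1.1.16400.2. The function name Test-MpEngineFixed is hypothetical, and remote hosts are assumed to be reachable over WinRM for CIM sessions.

```powershell
# Added example: report whether the Microsoft Malware Protection Engine is at
# or above the fixed version named in the article (1.1.16400.2).
# Test-MpEngineFixed is a hypothetical helper name, not a built-in cmdlet.
function Test-MpEngineFixed {
    [CmdletBinding()]
    param(
        # Remote hosts to query; when omitted, only the local machine is checked.
        [string[]]$ComputerName,
        # Fixed engine version for CVE-2019-1255, taken from the article.
        [version]$FixedVersion = '1.1.16400.2'
    )

    # $null stands for "local machine, no CIM session needed".
    $targets = if ($ComputerName) { $ComputerName } else { @($null) }

    foreach ($name in $targets) {
        $label   = if ($name) { $name } else { $env:COMPUTERNAME }
        $session = $null
        $query   = @{ ErrorAction = 'Stop' }
        try {
            if ($name) {
                $session = New-CimSession -ComputerName $name -ErrorAction Stop
                $query.CimSession = $session
            }
            $status = Get-MpComputerStatus @query
            $engine = [version]$status.AMEngineVersion

            [pscustomobject]@{
                ComputerName  = $label
                EngineVersion = $engine
                Fixed         = ($engine -ge $FixedVersion)
                Error         = $null
            }
        }
        catch {
            # Unreachable host, Defender module missing, or unparsable version:
            # report the failure instead of treating the host as patched.
            [pscustomobject]@{
                ComputerName  = $label
                EngineVersion = $null
                Fixed         = $false
                Error         = $_.Exception.Message
            }
        }
        finally {
            if ($session) { Remove-CimSession -CimSession $session }
        }
    }
}
```

Run `Test-MpEngineFixed` for the local machine, or pass `-ComputerName` with a list of hosts; rows with `Fixed` set to False or a non-empty `Error` need follow-up.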

Milena Dimitrova
