Casa > cibernético Notícias > Recently Patched CVE-2018-8373 Used in Active Exploits
CYBER NEWS

CVE-2018-8373 com patch recente usado em explorações ativas

Microsoft Office CVE-2017-0199 Exploit

CVE-2018-8373 is a severe remote code execution vulnerability which was fixed in agosto 2018 patch Tuesday. The vulnerability was located in Internet Explorer and the way it manages objects in memory. At the time the advisory was published, there were no reports of active infections.




Contudo, further analysis revealed that the problem appeared to be similar to another issue that was addressed in the May Patch Tuesday updates. The vulnerability was also included in the infection strategy of multiple Trojans.

Over a month later, security researchers at Trend Micro came across another exploit that uses the CVE-2018-8373 vulnerability:

Em setembro 18, 2018, more than a month after we published a blog revealing the details of a use-after-free (UAF) vulnerability CVE-2018-8373 that affects the VBScript engine in newer Windows versions, we spotted another exploit, possibly in the wild, that uses the same vulnerability, the researchers recently wrote.

It should be noted that this new exploit is not working on systems that have updated Internet Explorer versions.

What’s Different in the New CVE-2018-8373 Exploit?

Instead of modifying the CONTEXT structure of NtContinue to execute shellcode, Os pesquisadores explicado, such as in the case of the previous exploit sample, this new sample obtains execution permission from Shell.Application by modifying the SafeMode flag in the VBScript Engine. além do que, além do mais, the execution of this exploit resembles the executions of CVE-2014-6332 and CVE-2016-0189 exploits.

The researchers also discovered that the attackers behind the new exploit also use another VBScript vulnerability known as CVE-2018-8174, in a file hosted on a malicious website.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...