Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet Explorer zero-day tracked as CVE-2020-0674 reportedly exploited by the APT group.
In January, Microsoft has published a security advisory (ADV200001) that includes mitigations for the CVE-2020-0674 zero-day remote code execution (RCE) flaw.
“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.” reads the advisory published by Microsoft. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
An attacker could exploit the flaw to can gain the same user permissions as the user logged into the compromised Windows device. If the user is logged on with administrative permissions, the attacker can exploit the flaw to take full control of the system.
The CVE-2020-0674 flaw could be triggered by tricking victims into visiting a website hosting a specially crafted content designed to exploit the issue through Internet Explorer.
Microsoft announced that it was working on a p
The flaw was reported by Google’s Threat Analysis Group and Chinese
The first Darkhotel espionage campaign was spotted by experts at Kaspersky Lab in late 2014, according to the researchers the APT group has been around for nearly a decade while targeting selected corporate executives traveling abroad. According to the
According to the experts, threat actors behind the Darkhotel campaign aimed to steal sensitive data from executives while they are staying in luxury hotels, the worrying news is that the hacking crew is still active.
The attackers appeared high skilled professionals that exfiltrated data of interest with a surgical precision and deleting any trace of their activity. The researchers noticed that the gang never go after the same target twice. The list of targets includes CEOs, senior vice presidents, top R&D engineers, sales and marketing directors from the USA and Asia traveling for business in the APAC region.
Security researchers believe the APT group is a N
12 of the total vulnerabilities fixed by Microsoft this month are rated as critical in severity, and the remaining ones have been rated as important.
Microsoft Patch Tuesday updates for February 2020 also address four important-severity vulnerabilities, two privilege escalation flaws in Windows, an information disclosure bug affecting IE and Edge, and a secure boot bypass method. All four flaws have been p
Ad usual let me suggest to give a look at the analysis of the security updates made by Trend Micro’s Zero Day Initiative (ZDI).
(SecurityAffairs – Patch Tuesday updates for February 2020 , hacking)