Zero day vulnerability in Windows OS and Internet Explorer exploited

431

A research carried out by Kaspersky Labs has confirmed that hackers recently launched a cyber attack on a South Korean company by leveraging a zero-day vulnerability in Microsoft’s Internet Explorer(IE) and Windows 10 Operating system.

An analysis made by the security researchers at a later stage found that the cyber crooks exploited the Elevation of Privileges (EoP) (assigned as CVE-2020-0986) existing in Windows OS and a remote code execution exploit in IE 11 (assigned as CVE-2020-1380).


Note 1- A zero day exploit is a kind of unknown vulnerability existing in a software or hardware that can later be used by hackers to create trouble to the OEMs. But Kaspersky says that such exploits are usually exploited on the same day of the weakness of exposure.

Kaspersky says that organizations can guard their software from such hacking exploits by deploying Virtual Area Networks to protect the transmission of data, and use secure firewalls along with Wi-Fi systems to defend themselves from wireless malware attacks.

Furthermore, individual IE and Windows 10 users can defend themselves from such zero day vulnerabilities by keeping their OSes up to date and accessing web portals that are having a SSL certificate.

Note 2- On Tuesday this week i.e. on August 11th,2020 Microsoft issued patches for over 120 vulnerabilities existing across 13 varied products and that includes Edge browser to Windows 10 OS and SQL Server to dot NET Framework.