Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks
An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday.
The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.
Microsoft fixed the Windows vulnerability, tracked as CVE-2020-0986, in June, but its details were disclosed in May by Trend Micro's Zero Day Initiative (ZDI) along with four other unpatched security holes affecting Windows.
ZDI disclosed CVE-2020-0986, which it reported to Microsoft in December 2019, after the tech giant missed a six-month deadline and failed to release a patch in May. Kaspersky said it spotted the Windows vulnerability being exploited in attacks one day after ZDI's disclosure.
The exploit used in the WizardOpium attacks did not work on the latest Windows 10 builds.
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |