Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks
An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday.
The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.
Microsoft fixed the Windows vulnerability in June, but its details were disclosed in May by Trend Micro's Zero Day Initiative (ZDI), along with four other unpatched security holes affecting Windows.
ZDI disclosed CVE-2020-0986, which it reported to Microsoft in December 2019, after the tech giant missed a six-month deadline and failed to release a patch in May. Kaspersky said it spotted the Windows vulnerability being exploited in attacks one day after ZDI's disclosure.
The exploit used in the WizardOpium attacks did not work on the latest Windows 10 builds.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |