Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks
An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday.
The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.
Microsoft fixed the Windows vulnerability, CVE-2020-0986, in June, but its details had been disclosed in May by Trend Micro's Zero Day Initiative (ZDI), along with four other unpatched security holes affecting Windows.
ZDI disclosed CVE-2020-0986, which it reported to Microsoft in December 2019, after the tech giant missed a six-month deadline and failed to release a patch in May. Kaspersky said it spotted the Windows vulnerability being exploited in attacks one day after ZDI's disclosure.
The exploit used in the WizardOpium attacks did not work on the latest Windows 10 builds.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products. An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.2 |