Security News > 2020 > August > Windows and IE Zero-Day Vulnerabilities Chained in 'PowerFall' Attacks
An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday.
The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.
Microsoft fixed this Windows vulnerability in June, but its details were disclosed in May by Trend Micro's Zero Day Initiative along with four other unpatched security holes affecting Windows.
ZDI disclosed CVE-2020-0986, which it reported to Microsoft in December 2019, after the tech giant missed a six-month deadline and failed to release a patch in May. Kaspersky said it spotted the Windows vulnerability being exploited in attacks one day after ZDI's disclosure.
The exploit used in the WizardOpium attacks did not work on the latest Windows 10 builds.
News URL
Related news
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)
- Critical Rust flaw enables Windows command injection attacks (source)
- Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
- Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks (source)
- Telegram fixes Windows app zero-day caused by file extension typo (source)
- Telegram fixes Windows app zero-day used to launch Python scripts (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.2 |