Vendor Ships Unofficial Patch for IE Zero-Day Vulnerability
Slovenia-based cybersecurity research company ACROS Security last week announced the release of an unofficial micro-patch for a zero-day vulnerability in Microsoft Internet Explorer that North Korean hackers are believed to have exploited in a campaign targeting security researchers.
South Korean security vendor ENKI published a report on the IE zero-day in early February, claiming that North Korean hackers leveraged it to target its researchers with malicious MHTML files leading to drive-by downloads of malicious payloads.
Microsoft has confirmed receiving a report on the vulnerability through an "incorrect channel," and said that it was committed to investigating the report and delivering a patch as soon as possible.
On Thursday, ACROS Security announced that an unofficial patch for the vulnerability is now available through its 0patch service.
To address the bug, the unofficial patch no longer allows "an HTML Attribute value to be an object." With only 5 or 6 CPU instructions, the patch should fully prevent exploitation, ACROS Security says.
The first batch of patches is being delivered to Windows systems that run the January 2021 Patch Tuesday updates and to those last updated in January 2020.