Internet Explorer and Microsoft Defender: vulnerable to RCE attacks

by admin-kervin
Internet Explorer and Microsoft Defender: vulnerable to RCE attacks

Last year, the average number of vulnerabilities discovered daily was 45. Almost tripling the 2016 figure. Proper names of cyberattacks such as WannaCry, the Equifax data breach or cyberattack at the Winter Olympics are a consequence of exploiting a vulnerability in the system. Last month there was a great impact caused by a vulnerability in the WebAdmin Plugin of OpenDreamBox , impacting 32% of organizations worldwide, that is, to one in three companies.

The increase in exploited faults dramatically increases the possibility of suffering a remote code execution attack (RCE). Without going any further, this year Windows It has suffered several serious vulnerabilities, which have come to affect millions of users worldwide, raising concern by increasing the risk of malicious actors launching a threat. In May, a vulnerability called BlueKeep was discovered in Windows 7, XP and other older systems that affected a million users. Three months later, four new vulnerabilities were discovered, called DejaBlue, which are estimated to have affected more than 800 million users.

Internet Explorer, the latest vulnerable application

On September 23, Microsoft released an urgent update for Internet Explorer. The solution in particular is a patch that seeks to fix a critical vulnerability that was being actively exploited by cybercriminals.

The vulnerability has been designated as CVE-2019-1367. In this case, it is a remote code execution vulnerability and exists in the way in which the scripting engine handles objects in Internet Explorer memory. The failure could corrupt memory and allow the attacker to gain administrative privileges, taking control of the system to install programs or alter data with all user privileges.

Nous recommandons:  Surprise? Internet has mysterious photos of a new Motorola!

The vulnerability, detected in at least versions 9 to 11 of Internet Explorer, can be exploited by a malicious website or email to execute code remotely. This means that a computer can be hijacked through a malicious website or email. With this access, it would be possible to inject malware, spyware or other types of malicious software.

These types of remote code execution vulnerabilities are relatively common at Microsoft, and the company usually releases between 10 and 20 patches per month to solve them in its ‘Patch Tuesdays’. However, the severity of this case, along with the fact that it has already been exploited, has prompted Microsoft to launch this patch outside its usual cycle of updates.

Although Internet Explorer is no longer as ubiquitous as it used to be (in fact, it is estimated that it has only 8.3% of the market share), it is very likely that users have it installed on their computer, so That, it is recommended that you install the patch.

Microsoft also took advantage of the release of this update to launch another patch for the Microsoft Defender antivirus included by default in Windows 10 to fix a vulnerability called CVE-2019-1255, which could facilitate DDoS attacks.

Vulnerabilities do not have to paralyze your company

Those who have not updated their equipment, we recommend doing so as soon as possible. To protect yourself, you can download the patch released by Microsoft here. The patches have been issued for Windows 10 (all versions with support), Windows 8.1, Windows 7, the versions of Windows Server with current support.

Nous recommandons:  Microsoft To-Do beta for Android now allows you to assign tasks to a shared list

According to a report by Ponemon Institute and ServiceNow, companies spend an average of more than more than 321 hours per week managing the vulnerability response process. To facilitate the work of updating your organization's systems, it is essential to have a solution that manages updates. Panda Patch Management, the vulnerability management solution and its corresponding updates and Panda Security patch, audits, monitors and prioritizes updates to operating systems and hundreds of third-party applications.

In detections of exploits and malicious programs, the operation involves notifying the pending patches. The installation is launched immediately or can be programmed from the console, isolating the equipment if necessary. In this way, you will be able to manage the necessary patches for your company without having to invest more time or resources in it. And you will complete your protection system to shield your assets.

This site uses cookies to improve your experience. Accept Read more

Privacy Policy
escort malatya escort bursa escort antalya escort konya mersin escort
konya escort antalya escort malatya escort malatya escort bursa escort hatay escort kayseri escort kahramanmaraş escort niğde escort mersin escort