Geeks for your information News Privacy & Security News v
Kaspersky Lab uncovers new exploited vulnerability in Microsoft Windows OS kernel
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Kaspersky Lab uncovers new exploited vulnerability in Microsoft Windows OS kernel
harlan4096 Online
MalWare Zoo Team
*******
Posts: 12,939
Threads: 8,890
Thanks Received: 8,767 in 6,926 posts
Thanks Given: 9,659
Joined: 12 September 18
#1
Information  08 January 19, 11:56
[Image: zero-day-vulnerabilities-are-previously-...510966.jpg]
Quote:Kaspersky Lab technologies have automatically detected a new exploited vulnerability in the Microsoft Windows OS kernel, the third consecutive zero-day exploit to be discovered in three months.

The latest exploited vulnerability (CVE-2018-8611) was found in malware targeting a small number of victims in the Middle East and Asia.

Because the vulnerability exists in the kernel mode module of the operating system, the exploit is particularly dangerous and can be used to bypass built-in exploit mitigation mechanisms in modern web browsers, including Chrome and Edge. The vulnerability has been reported to Microsoft, which has released a patch.

Zero-day vulnerabilities are previously unknown, and therefore unpatched, software bugs that attackers can exploit to gain access to victim systems and devices. They are immensely valuable to threat actors, and difficult to detect.

All three exploits were detected by Kaspersky Lab’s Automatic Exploit Prevention technology, embedded in most of the company’s products. Like the previous two exploited vulnerabilities (CVE-2018-8589 and CVE-2018-8453), patched by Microsoft in October and November respectively, the latest exploit was found used in-the-wild targeting victims in the Middle East and Africa. The exploit for CVE-2018-8589 was called “Alice” by the malware writers, who also referred to the latest exploit as “Jasmine”. Kaspersky Lab researchers believe that the new vulnerability has been exploited by multiple threat actors, including a new advanced persistent threat (APT) called Sandcat.

“The detection of three kernel mode zero-days within a few months is evidence that our products use the best technologies, which are capable of detecting such sophisticated threats. For organizations, it is important to understand that to protect their perimeter they should use a combined solution, like endpoint protection with an advanced threat detection platform,” – said Anton Ivanov, a security expert at Kaspersky Lab.
Full reading: https://www.arabianindustry.com/technolo...l-6020495/
[-] The following 2 users say Thank You to harlan4096 for this post:
  • Deep900, silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
NoVirusThanks OSArmor v2.0.0.0
OSArmor has been u...harlan4096 — 07:10
Apple releases iOS 17.5.1 to fix Photo g...
Apple has released...harlan4096 — 07:08
Microsoft announces Copilot+ PCs and AI-...
On a special event...harlan4096 — 07:06
1.0.98 release (2024/05/19)
1.0.98 release (20...harlan4096 — 06:32
Chrome extensions may slow down browsing...
Extensions are one...harlan4096 — 06:31

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (37)axuben
avatar (38)ihijudu
avatar (48)Mirzojap
avatar (34)idilysaju
avatar (38)odukoromu
avatar (44)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>