Technology

Important Windows bug repaired today is actively being exploited to hack users

   Download Android App    Share in      FullScreen   CheckVideos

Enlarge (credit: Lisa Brewster / Flickr) Microsoft on Tuesday patched two Windows vulnerabilities that attackers are actively exploiting in the wild to install malicious apps on the computers of unwitting users. The first vulnerability resides in the VBScript Engine included in all currently supported versions of Windows.

A so-called use-after-free flaw involving the way the engine handles computer memory allows attackers to execute code of their choice that runs with the same system privileges chosen by the logged-in user.

When targeted users are logged in with administrative rights, attackers who exploit the bug can take complete control of the system.

In the event users are logged in with more limited rights, attackers may still be able to escalate privileges by exploiting a separate vulnerability. CVE-2018-8174, as the flaw is formally indexed, is being actively exploited by attackers, Microsoft officials said.

The vulnerability was discovered by antivirus provider Kaspersky Lab, which then reported it to Microsoft.

In the exploits observed by Kaspersky Lab: Read 4 remaining paragraphs | Comments




Unlimited Portal Access + Monthly Magazine - 12 issues-Publication from Jan 2021

Buy Our Merchandise (Peace Series)

 

Contribute US to Start Broadcasting


It's Voluntary! Take care of your Family, Friends and People around You First and later think about us. Its Fine if you dont wish to contribute and if you wish to contribute then think about the Homeless first and Feed them. We can survive with your wishes too :-). You can Buy our Merchandise too which are of the finest quality.

Debit/Credit/UPI

UPI/Debit/Credit

Paytm

STRIPE

Details
Category: Technology


25