VB script vulnerabilities
02
JAN

Cyber Security Companies are becoming well aware of a new kind of vulnerability with high attack complexities.

This vulnerability has been reported in Microsoft Internet Explorer. It exists in the way that the VBScript engine handles objects in memory, and is also called as -'VBScript Remote Code Execution Vulnerability’.

Name of the CVE :

CVE- 2019-1485

Date it was discovered:

10.12.2019

How does it affect the systems?

The vulnerabilities allow the remote attacker to carry out arbitrary code on a targeted system of the current user. Once the attack gains success it can access all the data and the personal information as the user can. They gain all the rights to exploit the vulnerability to gain control over the affected system.

An attacker could then install malicious programs, view changes, or even delete data; it can also create a completely new account with full user rights.

Cyber Security Consultancy reported that “In web, an attacker could carry out a specially designed website that is specially designed to spread vulnerability through Internet Explorer and also convince the user to view the website.”

An attacker could also implant an ActiveX control marked “Safe for Initialization” in an app or Microsoft Office document that hosts the IE rendering engine. Another way the attackers uses is by creating crafted Microsoft Office files, malicious websites, and website that accept or hosts user-provided content or advertisements. These websites could contain specially designed content that could take advantage of the vulnerability. The security update addresses the vulnerability by altering how the designed engine handles objects in memory.

Software Affected:

Microsoft Internet Explorer 9

Microsoft Internet Explorer 10

Microsoft Internet Explorer 11

Mitigations:

No such mitigations have been identified by Microsoft still now.

Risk:

High

Recommendations:

  • • To diminish the impact of the hidden vulnerabilities always run non-administrative software as an unprivileged user with minimal access rights.
  • • Never open or handle files from an unknown source
  • • Never visit sites or neither follow links provided by unfamiliar sources
  • • Implementing various memory-protection schemes may reduce an attacker’s ability to exploit this vulnerability.
  • • Expand your company’s Network Interference Detection System (NIDS). It will help to monitor network traffic from malicious attacks. It is not limited to unexplained traffics (both incoming and outgoing) and also indicates exploit attempts or activities that result from successful exploitations.

Microsoft Disclaimer:

“The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.”

To secure your company from such vulnerability attacks always consult with an expert Cyber Security Consultancy.



Leave a Comment:

Populer Postes

26 DEC, 2019

Microsoft Skype for Business Server (CVE-2019-1490) Spoofing Vulnerability

Get Exclusive Cyber Security Tips On:

Prevention from damage dealt to an organization’s reputation.

Investments on fixing the issues caused by attack.

Preventing confidential data and Intellectual Property being stolen

Prevention of revenue loss due to service disruption and much more.

Subscribe Now