Rabitə və İnformasiya Texnologiyaları Nazirliyinin elektron xəbər xidməti
Windows security warning: new exploit is targeting versions 8 to 10
Microsoft sent out a patch on Tuesday which sought to fixe two actively-exploited Windows zero-day vulnerabilities. The first which targeted Windows 7 users was brought to public attention last week by Google security engineer, Clement Lecigne. He warned that the zero-day vulnerability could be used together with a Chrome exploit to take over Windows systems and advised people to upgrade to Windows 10.
The second flaw was found by Kaspersky Lab saying they have detected a new exploited vulnerability in Windows, which it believes has been used in targeted attacks by at least two threat actors.
The exploit targets Windows 8 and Windows 10, using a vulnerability in Microsoft Windows’ graphic subsystem to achieve local privilege escalation. This provides the attacker with full control over a victim’s computer.
The exploited vulnerability was detected by Kaspersky Lab’s Automatic Exploit Prevention technology.
Kaspersky Lab products detect the exploit as:
HEUR:Exploit.Win32.Generic
HEUR:Trojan.Win32.Generic
PDM:Exploit.Win32.Generic
14/03/19 Çap et