1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Exploits for nasty Internet Explorer bug found on hacking forums

    From TechnologyDaily@1337:1/100 to All on Mon Sep 13 15:30:04 2021
    Exploits for nasty Internet Explorer bug found on hacking forums

    Date:
    Mon, 13 Sep 2021 14:17:49 +0000

    Description:
    Hackers teaching their buddies how to create exploits based on recently disclosed, and as yet unpatched MSHTML vulnerability.

    FULL STORY ======================================================================

    In addition to sharing working exploits, threat actors are not sharing tutorials to help others fabricate their own attacks that make use of the recently discovered zero-day vulnerability in Internet Explorer s browser engine Trident, also known as MSHTML, according to reports.

    Microsoft disclosed the vulnerability, tracked as CVE-2021-40444, last week saying that it could be weaponized through malicious documents with ActiveX content to execute commands on a victim's computer remotely.

    Soon after Microsofts disclosure, security researchers were able to spot documents on the internet with ActiveX content designed specifically to take advantage of CVE-2021-40444. TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Protect your devices
    with these best antivirus software These are the best malware removal
    software on the market Here are the best ransomware protection tools

    BleepingComputer now reports that threat actors have started circulating guides and information regarding the vulnerability on underground hacking forums to help other malicious users craft exploits based on CVE-2021-40444. No cure, only mitigations

    Although software companies dont disclose a vulnerability, until it has been fixed, Microsofts hand was forced after security vendors EXPMON and Mandiant both spotted the vulnerability being exploited.

    In response, Microsoft decided to disclose the vulnerability and shared mitigations , which involve blocking ActiveX controls and Microsoft Office document previews in Windows Explorer, to defang the exploit, even as the software giant works to create a patch to plug the vulnerability.

    However, researchers have since been able to modify the exploit not to use ActiveX, effectively bypassing Microsoft's mitigations. Threat actors reportedly had already discovered this workaround, and used it to create more spurious documents and instructions.

    The information is reportedly simple to follow and enables anyone to create their own working version of the CVE-2021-40444 exploit.

    The good news however is that security programs such as Microsoft Defender have been equipped to detect and flag such malicious documents, which is the best users can hope for in the absence of an official fix. We've put together a list of the best endpoint protection software

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/exploits-for-nasty-internet-explorer-bug-found- on-hacking-forums/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)