Collaborate Disseminate
Last week, Microsoft reported the RCE vulnerability CVE-2021-40444 in the MSHTML browser engine. Kaspersky is aware of targeted attacks using this vulnerability, and our products protect against attacks leveraging it. Continue reading Exploitation of the CVE-2021-40444 vulnerability in MSHTML
Kaspersky prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits. Continue reading Internet Explorer and Windows zero-day exploits used in Operation PowerFall
A Microsoft security advisory published last Friday warns users of a zero-day vulnerability affecting Internet Explorer 9, 10 and 11 when running on Windows 7 (recently discontinued), 8.1, 10, Server 2008, Server 2012, Server 2016, and Server 2019.… Continue reading Microsoft reports Zero-Day Internet Explorer vulnerability exploited in the wild
You might think that any security issues with Internet Explorer shouldn’t be much of a problem anymore. After all, most computer users have moved on to more modern alternative browsers like Chrome, Brave, Firefox, Safari, or Microsoft Edge. And e… Continue reading It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability
Exclusive — A security researcher today publicly disclosed details and proof-of-concept exploits for two ‘unpatched’ zero-day vulnerabilities in Microsoft’s web browsers after the company allegedly failed to respond to his responsible private disclosur… Continue reading Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly
In late April 2018, a new zero-day vulnerability for Internet Explorer (IE) was found using our sandbox; more than two years since the last in the wild example (CVE-2016-0189). This particular vulnerability and subsequent exploit are interesting for many reasons. Continue reading The King is dead. Long live the King!