News

Microsoft has eliminated 0-day in Internet Explorer & Exchange Server

Microsoft has released a regular monthly set of patches, eliminating fairly serious security problems. First of all, we are talking about a 0-day vulnerability in Internet Explorer, which is actively exploited by hackers. Secondly, the updates eliminate the breach revealed last month in the Exchange Server, for the use of which the PoC code was also published.

According to the Microsoft team, the vulnerability of the proprietary Internet Explorer browser allows attackers to check for files stored on the disks of the attacked computer.

To exploit this vulnerability, cybercriminals first need to lure the victim to a malicious site. Microsoft has registered the presence of active exploits on the Web, which are designed specifically for this flaw.

The security issue in IE was identified with CVE-2019-0676, it affects versions 10 and 11 on all supported releases of the Windows system. Vulnerability discovered by experts of the project Google Project Zero.

Chris Jackson – chief software consultant at Microsoft, spoke about the risks of using the default Internet Explorer browser. According to Jackson, users should gradually refuse to access the network using this Internet browser.

Also, in February, a set of updates eliminates a vulnerability in Exchange Server, which allows an attacker, having an account with low privileges, to get server administrator privileges.

This problem received the identifier CVE-2019-0686, its details were disclosed last month. Then the code was proof-of-concept, which can be easily used to exploit this vulnerability.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-bpudepi.today pop-up ads (Virus Removal Guide)

News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…

17 hours ago

Remove Doguhtam.xyz pop-up ads (Virus Removal Guide)

Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…

17 hours ago

Remove News-xlixoti pop-up ads (Virus Removal Guide)

News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…

17 hours ago

Remove Ducesousightion pop-up ads (Virus Removal Guide)

Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…

17 hours ago

Remove News-xlabica.live pop-up ads (Virus Removal Guide)

News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…

17 hours ago

Remove Mergechain.co.in pop-up ads (Virus Removal Guide)

Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…

17 hours ago