Microsoft rushes out patch for Internet Explorer zero‑day (Sep 26, 2019)
A new Zero-Day vulnerability labelled as CVE-2019-1367, has been patched by Microsoft. It is a remote code execution vulnerability and it affects IE version 9, 10 and 11. It gives the attacker the ability to gain the same access privileges as the user. So if the user has admin access then the attacker can have access to the whole system. This bug has prompted a warning from the United States Cybersecurity and Infrastructure Security Agency (CISA).
Recommendation: Zero days based attacks can be detected by less conventional methods, such as behavior analysis, heuristic and machine learning based detection systems. The security update should be applied as soon as possible because of the high criticality rating of this vulnerability and the potential for an actor to take control of an affected system. Additionally, your company should have policies in place to review and apply security updates for software in use to protect against known vulnerabilities that threat actors may exploit.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.