Zero-Day IE Bug is Being Exploited in the Wild (Jan 21, 2020)
Warnings have been given from the US Government and Microsoft in regards to a remote code execution (RCE) vulnerability found in Internet Explorer (IE) and is currently in use by threat actors. The zero-day has been tagged as ‘CVE-2020-0674” and the exploit gives threat actors the capability of executing code on the user’s system by corrupting memory. The exploit could provide threat actors the same rights as the legitimate user which in turn could result in malicious programs being deployed, personal files could be deleted, encrypted or exfiltrated. CVE-2020-0674 affects IE versions 9, 10 and 11 on Windows systems.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.