Tools & scripts.
Tools Tools & scripts Windows CVE-2019-1367_workaround pdfToImg outlookSignatures mouse-connect macOS
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet_explorer 10 |
||
microsoft internet_explorer 11 |
||
microsoft internet_explorer 9 |
Google wants researchers, vendors to stop making attacks easy Apple emits emergency iOS security updates while warning holes may have been exploited in wild by hackers
Enigma To limit the impact of zero-day vulnerabilities, Google security researcher Maddie Stone would like those developing software fixes to stop delivering shoddy patches. In a presentation at USENIX's Enigma 2021 virtual conference on Tuesday, Stone offered an overview of the zero-day exploits detected in 2020. A zero-day, she explained for attendees outside the infosec community, refers to an exploit targeting a previously unidentified vulnerability. Zero-day flaws are a problem because they...
IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps in Google Play and elsewhere. Dr Web first reported the malware in July 2019, but we decided to investigate because the Trojan was more sophisticated than most malware for stealing money or displaying ...
Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just a plugin for a web browser, meaning that even if the user has an up-to-date browser, there’s a non-zero chance that Adobe Flash may still be vulnerable to 1-day exploits. Now tha...
For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are designed to highlight the significant events and findings that we feel people should be aware of. This is our latest installment, focusin...
These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. According to Kaspersky Security Network: In Q3 2019, we discovered an extremely unpleasant incident with the popular CamScanner app on Google Play. The new version of the app contained an ad library inside with the Trojan dropper Necro built in. Judging by the reviews on Google Play, the dropper’s task was to activate paid subscriptions, although it could delive...
Update browser ASAP after Google gurus spot miscreants abusing bug to hijack PCs
Microsoft today issued a rare emergency security update for Internet Explorer to address a critical flaw in the browser that's being exploited right now in the wild. Redmond says the vulnerability, a scripting-engine memory-corruption bug designated CVE-2019-1367, can be abused by a malicious webpage or email to achieved remote code execution: that means Windows PCs can be hijacked by viewing a suitably booby-trapped website, or message, when using Internet Explorer. Malware, spyware, and other ...