7.5
CVSSv2

CVE-2020-0674

Published: 11/02/2020 Updated: 08/05/2020
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

Microsoft Internet Explorer could allow a remote malicious user to execute arbitrary code on the system, caused by improper handling of objects in memory by the scripting engine. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftInternet Explorer9, 10, 11

Github Repositories

master 1 branch 0 tags Go to file Code Clone with HTTPS Use Git or checkout with SVN using the web URL. Download ZIP Launching GitHub Desktop If nothing happens, download GitHub Desktop and try again. Go back Launching GitHub Desktop If nothing happens, download GitHub Desktop and try again. Go back Launching Xcode If nothing happens, download Xcode and try again. Go back Launching Visual Studio If nothing happens, download the GitHub extension for Visual Studio and try again. Go back Latest commit wugedz Update CVE-2020-0674_x86.html … a7b2043 5 minutes ago Update CVE-2020-0674_x86.html [change] change some infomation. a7b2043 Git stats 3 commits Files Permalink Failed to load latest commit information. Type Name Latest commit message Commit time CVE-2020-0674 Update CVE-2020-0674_x86.html 5 minutes ago README.md Initial commit 13 minutes ago View code README.md CVEs Some exploits and pocs. About Some exploits and pocs. Resources Readme Releases No releases published Languages HTML 100.0%

Security module (part of several modules making up the October II cms update).

October CMS Version II Proposal - Security Module Warning currently in heavy development There are other modules being developed for October CMS Version II in different repo's! ⚠️ THIS IS A LONG-TERM PROJECT AND WILL TAKE MANY MONTHS! ⚠️ This repo to gather security enhancement ideas a

Security module (part of several modules making up the October II cms update).

October CMS Version II Proposal - Security Module Warning currently in heavy development There are other modules being developed for October CMS Version II in different repo's! ⚠️ THIS IS A LONG-TERM PROJECT AND WILL TAKE MANY MONTHS! ⚠️ This repo to gather security enhancement ideas a

This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.

CVE-2020-0674 CVE-2020-0674 is a use-after-free vulnerability in the legacy jscript engine It can be triggered in Internet Explorer The exploit here is written by maxpl0it but the vulnerability itself was discovered by Qihoo 360 being used in the wild This exploit simply pops calc Exploit writeup can be found here Vulnerability Overview The vulnerability exists in the Arr

Penetration_Testing_POC 搜集有关渗透测试中用到的POC、脚本、工具、文章等姿势分享,作为笔记吧,欢迎补充。 Penetration_Testing_POC 请善用搜索[Ctrl+F]查找 IOT Device&Mobile Phone Web APP 提权辅助相关 PC tools-小工具集合 文章/书籍/教程相关 说明 请善用搜索[Ctrl+F]查找 IOT Device&Mobile

PoC auto collect from GitHub.

PoC in GitHub 2020 CVE-2020-0022 In reassemble_and_dispatch of packet_fragmentercc, there is possible out of bounds write due to an incorrect bounds calculation This could lead to remote code execution over Bluetooth with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Andr

Recent Articles

Internet Explorer and Windows zero-day exploits used in Operation PowerFall
Securelist • Boris Larin • 12 Aug 2020

In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for Windows. Unlike a previous full chain that we discovered, used in Operation WizardOpium, the new full chain targeted the latest builds of Windows 10, and our ...

Purple Fox EK Adds Microsoft Exploits to Arsenal
Threatpost • Lindsey O'Donnell • 06 Jul 2020

The Purple Fox exploit kit (EK) has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks – and researchers say they expect more attacks to be added in the future.
The Purple Fox EK was previously analyzed in September, when researchers said that it appears to have been built to replace the Rig EK in the distribution chain of Purple Fox malware, which is a trojan/rootkit. The latest revision to the exploit kit has added attacks again...

Magnitude exploit kit – evolution
Securelist • Boris Larin • 24 Jun 2020

Exploit kits are not as widespread as they used to be. In the past, they relied on the use of already patched vulnerabilities. Newer and more secure web browsers with automatic updates simply do not allow known vulnerabilities to be exploited. It was very different back in the heyday of Adobe Flash because it’s just a plugin for a web browser, meaning that even if the user has an up-to-date browser, there’s a non-zero chance that Adobe Flash may still be vulnerable to 1-day exploits. Now tha...

IT threat evolution Q1 2020. Statistics
Securelist • Victor Chebyshev Fedor Sinitsyn Denis Parinov Oleg Kupreev Evgeny Lopatin Alexey Kulaev • 20 May 2020

These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data.
According to Kaspersky Security Network,
Q1 2020 will be remembered primarily for the coronavirus pandemic and cybercriminals’ exploitation of the topic. In particular, the creators of a new modification of the Ginp banking trojan renamed their malware Coronavirus Finder and then began offering it for €0.75 disguised as an app supposedly capable...

Nation-State Attacks Drop in Latest Google Analysis
Threatpost • Tara Seals • 30 Mar 2020

Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products.
Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost 40,000 warnings – which, while a large number, is still a nearly 25 percent drop from the year before.
Nation-State Trends
In terms of trends amongst the warnings, the analysis showed t...

Windows 10 Gets Temp Patch for Critical Flaw Fixed In Buggy Update
BleepingComputer • Ionut Ilascu • 21 Feb 2020

Until Microsoft releases a permanent solution for the troublesome KB4532693 update, enterprises with Windows 10 1903 and 1909 are forced to delay applying the security fixes that come with it.
For the remote code execution vulnerability in Internet Explorer 9/10/11 tracked as CVE-2020-0674, though, there is available a temporary third-party fix.
There is information that this vulnerability has been exploited in the wild in limited targeted attacks, which makes it more concerning to c...

Windows 10 Gets Temp Fix for Critical Security Vulnerability
BleepingComputer • Ionut Ilascu • 21 Feb 2020

Until Microsoft releases a permanent solution for the troublesome KB4532693 update, enterprises with Windows 10 1903 and 1909 are forced to delay applying the security fixes that come with it.
For the remote code execution vulnerability in Internet Explorer 9/10/11 tracked as CVE-2020-0674, though, there is available a temporary third-party fix.
There is information that this vulnerability has been exploited in the wild in limited targeted attacks, which makes it more concerning to c...

Microsoft Patch Tuesday – February 2020
Symantec Threat Intelligence Blog • Preethi Koroth • 12 Feb 2020

This month the vendor has patched 99 vulnerabilities, 13 of which are rated Critical.

Posted: 12 Feb, 202024 Min ReadThreat Intelligence SubscribeMicrosoft Patch Tuesday – February 2020This month the vendor has patched 99 vulnerabilities, 13 of which are rated Critical.This month the vendor has patched 99 vulnerabilities, 13 of which are rated Critical.

As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all so...

Microsoft Patch Tuesday fixes IE zero‑day and 98 other flaws
welivesecurity • Tomáš Foltýn • 12 Feb 2020

This month’s Patch Tuesday is here and with it come fixes for no fewer than 99 security vulnerabilities in Windows and other Microsoft software.
Twelve flaws have received the highest severity ranking of “critical”, while 5 security holes are listed as publicly known at the time of release.
In fact, one vulnerability ticks both boxes – an actively exploited zero-day in Internet Explorer (IE). Microsoft disclosed this flaw, indexed as CVE-2020-0674, three weeks ago but didn’...

If you're running Windows, I feel bad for you, son. Microsoft's got 99 problems, better fix each one
The Register • Shaun Nichols in San Francisco • 11 Feb 2020

Meanwhile, we're still squashing bugs in Adobe Flash Player... plus stuff from Intel and SAP

Patch Tuesday It's going to be a busy month for IT administrators as Microsoft, Intel, Adobe, and SAP have teamed up to deliver a bumper crop of security fixes for Patch Tuesday.
Microsoft had one of its largest patch bundles in recent memory, as the Windows giant released fixes for 99 CVE-listed vulnerabilities.
These included CVE-2020-0674, a remote code execution flaw in Internet Explorer's Trident rendering engine that is already being exploited in the wild. This hole would typic...

Microsoft Addresses Active Attacks, Air-Gap Danger with 99 Patches
Threatpost • Tara Seals • 11 Feb 2020

Microsoft has issued one of its largest Patch Tuesday updates for the shortest month of the year, addressing 99 security vulnerabilities across a range of products. Twelve of the bugs are listed as critical – and the rest are rated as being important.
The update includes a patch for the zero-day memory-corruption vulnerability disclosed in late January that’s under active attack. The bug tracked as CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote co...

Microsoft Patches Actively Exploited Internet Explorer Zero-Day
BleepingComputer • Sergiu Gatlan • 11 Feb 2020

Microsoft released security updates to patch an actively exploited zero-day remote code execution (RCE) vulnerability impacting multiple versions of Internet Explorer.
In the middle of January 2020, Microsoft released an advisory about an Internet Explorer zero-day vulnerability (CVE-2020-0674) that was publicly disclosed and being actively exploited by attackers.
The flaw, reported by Clément Lecigne of Google’s Threat Analysis Group and Ella Yu from Qihoo 360, "could corrupt ...

Microsoft Zero-Day Actively Exploited, Patch Forthcoming
Threatpost • Tara Seals • 21 Jan 2020

An unpatched remote code-execution vulnerability in Internet Explorer is being actively exploited in the wild, Microsoft has announced. It’s working on a patch. In the meantime, workarounds are available.
The bug (CVE-2020-0674) which is listed as critical in severity for IE 11, and moderate for IE 9 and IE 10, exists in the way that the jscript.dll scripting engine handles objects in memory in the browser, according to Microsoft’s advisory, issued Friday.
The vulnerability could...

Actively Exploited IE 11 Zero-Day Bug Gets Temporary Patch
BleepingComputer • Sergiu Gatlan • 21 Jan 2020

A micropatch implementing Microsoft's workaround for the actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer is now available via the 0patch platform until an official fix will be released.
Microsoft's advisory says that the company is aware of "limited targeted attacks" targeting the flaw tracked as CVE-2020-0674.
The vulnerability, reported by Clément Lecigne of Google’s Threat Analysis Group and Ella Yu from Qihoo 360, "could co...

New Internet Explorer zero‑day remains unpatched
welivesecurity • Tomáš Foltýn • 20 Jan 2020

Microsoft has released a security advisory alerting users to an as-yet unpatched vulnerability in its Internet Explorer (IE) web browser that is being exploited in limited targeted attacks.
The zero-day, which is tracked as CVE-2020-0674, is a memory corruption issue in the browser’s scripting engine. Its exploitation could enable remote attackers to run code of their choice on the compromised system.
The remote-code execution (RCE) security hole affects IE versions 9, 10 and 11 ru...

It's Friday, the weekend has landed... and Microsoft warns of an Internet Explorer zero day exploited in the wild
The Register • Shaun Nichols in San Francisco • 18 Jan 2020

Plus, WeLeakInfo? Not anymore!

Roundup Welcome to another Reg roundup of security news.
Microsoft let slip on Friday an advisory detailing an under-attack zero-day vulnerability (CVE-2020-0674) for Internet Explorer. The scripting engine flaw can be exploited to gain remote code execution on a vulnerable machine by way of a specially crafted webpage. The flaw can be mitigated by restricting access to the JavaScript component JScript.dll, and thus far there is no patch available.
"Microsoft is aware of this vulnera...

Microsoft Issues Mitigation for Actively Exploited IE Zero-Day
BleepingComputer • Sergiu Gatlan • 17 Jan 2020

Update January 17: Microsoft says that the vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group and Ella Yu from Qihoo 360.
Update January 19: This vulnerability is now tracked as CVE-2020-0674.
Microsoft published a security advisory containing mitigation measures for an actively exploited zero-day remote code execution (RCE) vulnerability impacting Internet Explorer.
Redmond's advisory says that the company is aware of "limited targeted atta...

Microsoft's IE Zero-day Fix is Breaking Windows Printing
BleepingComputer • Lawrence Abrams • 01 Jan 1970

Microsoft's temporary fix for a recently disclosed Internet Explorer zero-day vulnerability is causing numerous problems in Windows, including breaking printing for some users.
On January 17th, 2020, Microsoft disclosed a zero-day remote code execution vulnerability in Internet Explorer 11, 10, and 9 that was being used in "limited targeted attacks".
To exploit this vulnerability, attackers can create a specially crafted web site that when visited in Internet Explorer will remotely...

Microsoft's February 2020 Patch Tuesday Fixes 99 Flaws, IE 0day
BleepingComputer • Lawrence Abrams • 01 Jan 1970

Today is Microsoft's February 2020 Patch Tuesday and also the first time Windows 7 users will not receive free security updates. Be nice to your Windows administrators today!
With the release of the February 2020 security updates, Microsoft has released one advisory for Flash Player and fixes for 99 vulnerabilities in Microsoft products. Of these vulnerabilities, 10 are classified as Critical, 87 as Important, and 2 as Moderate.
Included in this release is a security update for the ...

Windows 10 KB4535996 Update Fixes Search, Printing Issues
BleepingComputer • Lawrence Abrams • 01 Jan 1970

Microsoft has released the KB4535996 cumulative update for Windows 10 1903 and Windows 10 1909 that introduces a variety of quality improvements and bug fixes.
In this cumulative update, Microsoft states that they have resolved network printing issues some users are experiencing after installing a security update for the CVE-2020-0674 vulnerability in Internet Explorer.
Microsoft has also stated that this update resolves Windows Search issues such as no results showing or the s...