The vulnerability could potentially be harnessed by attackers to view, change or delete data without the victim’s knowhow.
Jukebox 21 Jan 2020 0
Just about 3 days back, Microsoft shared with the public how some vulnerabilities in its operating system had been discovered by the NCA and a patch which required an update to protect users from risk.
Not long after, it came to their attention again that a zero-day vulnerability was also present in the Internet Explorer browser which is being taken advantage of, widely by attackers and hackers globally, to which they published an advisory warning users of the risks involved and threat identified, even though they are yet to come up with a patch to fix the issue.
Dubbed CVE-2020-0674, the vulnerability is identified as a remote code execution flaw which can be found in the scripting engine and how it handles objects in the memory of Internet Explorer and triggers through Jscript.dll library in the Internet Explorer 9,10 and 11 versions running of Windows 7, 8.1 and 10 operating systems respectively, according to an article from thehackernews.com.
The Microsoft team is yet come up with a patch for the vulnerability but have shared ways to get around it
The advisory published by Microsoft stated,
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Spanning the various ways with which attackers could potentially use the flaw to their advantage, Microsoft however shared some ways users can shield themselves from this vulnerability saying that by preventing the loading of Jscript.dll library, users can actively hinder attackers from exploiting the flaw.
The step by step process to restrict the vulnerability is as follows for 32-bit systems;
takeown / f% windir% \ system32 \ jscript.dll cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
They continued for 64-bit systems, stating,
takeown / f% windir% \ syswow64 \ jscript.dll cacls% windir% \ syswow64 \ jscript.dll / E / P everyone: N takeown / f% windir% \ system32 \ jscript.dll cacls% windir% \ system32 \ jscript.dll / E / P everyone: N
And added that pending a released update or patch for the problem, users can revert the settings to remove the restrictions by executing these commands on the 32 and 64-bit systems respectively;
While there is no telling who actually uses Internet Explorer on today’s internet, it is better to assume that safety precedes all else. Guided by the workarounds shared by the Microsoft team, users should be able to protect their data and devices from the prying eyes and thieving hands of attackers worldwide. It goes without saying that once an update is released, users must make it a point to keep up with installing them.