Zero-Day In Microsoft's VBScript Engine Used By Darkhotel APT

Discussion in 'malware problems & news' started by guest, Aug 18, 2018.

  1. guest

    guest Guest

    Zero-Day In Microsoft's VBScript Engine Used By Darkhotel APT
    August 18, 2018
    https://www.bleepingcomputer.com/ne...osofts-vbscript-engine-used-by-darkhotel-apt/
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yup, it would be foolish to still use IE. Can this also bypass AppContainer?
     
  3. guest

    guest Guest

    Internet Explorer scripting engine becomes North Korean APT's favorite target in 2018
    November 12, 2018
    https://www.zdnet.com/article/inter...es-north-korean-apts-favorite-target-in-2018/
     
  4. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,549
  5. guest

    guest Guest

    Many enterprises still uses IE, either because they uses winXP/7, or some of their softs needs it.
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Internet Explorer scripting engine becomes North Korean APT's favorite target in 2018

    Hum ……… Sometimes you read an article that is 75% irrelevant. Let's analyze.

    As far as the IE browser vulnerabilities the mentioned exploits were targeting, they have been patched for some time.

    Next up is the use of the VBS script engine which is a moot point as of Win 10 1803. I also assume that by now the same has been done in older Win OS versions:
    That leaves the only exploit applicable as the following which has nothing to do with direct IE11 browser use:
    I also suspect the above applies to all Win 10 versions since although IE11 can supposedly be disabled in these, what really is in fact only disabled is direct execution of IE11. Obviously if you open all documents in Word Protected view mode, your covered. Likewise if Word File Block settings include web pages, you're covered.
     
    Last edited: Nov 13, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.