Kaspersky Lab Unveils New Vulnerability in Windows

Kaspersky Lab's automated scanning and protection technologies have uncovered a new vulnerability in Windows that is believed to have been exploited in targeted attacks by at least two threat groups, one of which is the newly discovered SandCat.


This is the fourth vulnerability in Microsoft's operating system that could be used to launch so-called zero-day attacks to be uncovered by Kaspersky Lab's protection technologies.

Microsoft was informed of the vulnerability, CVE-2019-0797, which prompted it to expedite a software patch.


A vulnerability of this type remains unknown, and therefore unpatched, until it is detected, which lets attackers exploit it to gain access to victims' systems and devices.

The vulnerability lies in the Windows graphics subsystem and can be used to gain privileges to access the most important and secure areas of the system, allowing the attacker full control over the victim's computer.

A sample of malware that Kaspersky Lab researchers have tested shows that the exploit targets operating system versions between Windows 8 and Windows 10.

The researchers found that the vulnerability could be exploited by many threat actors, such as FruityArmor and SandCat. The first is known for its use of unauthorized attacks as a means of sabotage, while the second group was discovered only recently.

Anton Ivanov, a security expert at Kaspersky Lab, said the discovery of a new vulnerability in Windows that is being actively exploited demonstrates the importance of these expensive and rare tools for sabotage.

He stressed that companies need security solutions that can protect them from such unknown threats.

“This discovery reaffirms the importance of cooperation between the security sector and software developers, as it is the best way to keep users safe from new and emerging threats,” he said.

This vulnerability was discovered by Kaspersky Lab's Automatic Exploit Prevention technology, which is included in most of the company's products. These products detect the exploitation under the following definitions:

HEUR:Exploit.Win32.Generic
HEUR:Trojan.Win32.Generic
PDM:Exploit.Win32.Generic

Kaspersky Lab recommends the following security measures:

Promptly download Microsoft's patch for the Windows vulnerability.
Take care to update all software in use regularly.
Choose an installed security solution, such as Kaspersky Endpoint Security, equipped with behavior-based detection capabilities.
Use advanced security tools such as Kaspersky Anti Targeted Attack Platform.
Give the company's security team access to a reliable source of up-to-date information on cyberthreats.
Ensure that employees are trained in the basics of cybersecurity.

Kaspersky Intelligence Reporting customers have access to special reports on the latest developments in the threat landscape.
