CyberNews Briefs

Microsoft Issues Windows Security Update for 0Day Vulnerability

Microsoft has released an unscheduled security update to address two security vulnerabilities in its products. One of the flaws, tracked as CVE-2019-1367, is a zero-day remote code execution (RCE) vulnerability in Internet Explorer that is being actively exploited by threat actors. Microsoft warns that “if the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.”

The second flaw, tracked as CVE-2019-1255, is a denial of service (DoS) vulnerability affecting Microsoft Defender. According to Microsoft, “an attacker could exploit the vulnerability to prevent legitimate accounts from executing legitimate system binaries.” However, the flaw can only be exploited by an attacker who can already execute code on a targeted system.

Read more: Microsoft Issues Windows Security Update for 0Day Vulnerability

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.