Microsoft fixes exploited zero-day vulnerability in Windows

Share post:

Microsoft has fixed a security vulnerability that permitted malicious hackers to circumvent Windows SmartScreen security and distribute Magniber ransomware and Qbot malware payloads.

This comes after Microsoft has been working to fix it since late October, when HP’s threat intelligence team issued the first warning after the vulnerability was exploited multiple times in the wild.

The infected standalone JavaScript files were used to exploit the CVE-2022-44698 zero-day vulnerability and circumvent Windows’ Mark-of-the-Web security warnings.

The CVE-2022-44698 vulnerability was exploitable via three attack vectors: First, In a web-based attack scenario, an attacker could host a malicious website that exploits the security feature bypass.

Second, To exploit the bypass in an email or instant message attack scenario, the attacker could send the targeted user a specially crafted.url file. Third, compromised websites or websites that accept or host user-provided content may contain specially crafted content designed to circumvent security features.

Qbot (AKA Quakbot) is an old and well-known banking trojan that continues to pose a significant threat to victims by tricking them into opening malicious files or visiting attacker-controlled websites.

The sources for this piece include an article in BleedingComputer.

Featured Tech Jobs


Related articles

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

LinkedIn introduces verification for recruiters to combat scams

LinkedIn announced today the launch of a new verification process for job recruiters, a move aimed at curtailing...

Cyber Security Today, Week in Review for week ending Friday, April 5, 2024

This episode features a discussion on a highly critical report on the hacking of Microsoft Exchange Online email accounts, a case study of a ransomware attack and the discovery of a years-long infiltration of an open source group to insert a backdoor

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways