Microsoft released remote code execution vulnerability security updates with Internet Explorer allowing an attacker to execute arbitrary code in the current user context.
CVE-2018-8653 is the vulnerability. It was identified by the Threat Analysis Group of Google and the vulnerability is currently wildly exploited.
Microsoft recently released Security Updates & Fixed 39 Vulnerabilities Including Active Zero Day
The bug can be exploited by visiting a specially crafted web page designed to exploit the vulnerability via the Internet Explorer browser.
Microsoft Releases December 2018 Security Updates https://t.co/4YVmtAPNtG #NCCIC #cyber #cybersecurity #infosec
— US-CERT (@USCERT_gov) December 12, 2018
An attacker who used the vulnerability successfully could gain the same user rights as the current user. If the current user has administrative user rights, an attacker who exploited the vulnerability could control the affected system. An attacker could then install programs; view, modify, or delete data; or create new user rights accounts.
If the attacker takes control of the system, they can use it to download additional malware and execute user access malware.
The vulnerability can corrupt the memory that allows an attacker to remotely execute an arbitrary code. Now Microsoft fixed the zero day by changing the script engine for the object.
To address this vulnerability, Microsoft released a cumulative security update for Internet Explorer KB4470199 that allows users to confirm the update by checking the version of jscript.dll at 5.8.9600.19230. This update applies to Windows 10 Internet Explorer 11, Windows 8.1 Update 11, Windows 7 SP1, Internet Explorer 10, Windows Server 2012, Internet Explorer 9 –Windows Embedded Standard 2009 & Windows Embedded POSReady 2009.