Thursday, April 4, 2019
Home / Security / Exploits / Researchers Bypass IE Zero Day quick fix pushed by Microsoft

Researchers Bypass IE Zero Day quick fix pushed by Microsoft

Microsoft’s quick patch last week didn’t help too much, researchers at Exodus Intelligence reported today they have developed a bypass for the fix it that Microsoft released as a temporary mitigation.

The new exploit that was developed, beat a fully patched Windows system running IE 8, the same version of the browser exploited by malware used in watering hole attacks against several political and manufacturing websites, including the Council on Foreign Relations in the U.S., and Chinese human rights site Uygur Haber Ajanski.

Brandon Edwards, vice president of Intelligence at Exodus, stated his firm’s investigators looked at the Fix It to find out how much of the vulnerability it prevented. “Usually, there are multiple paths one can take to trigger or exploit a vulnerability,” Edwards said. “The Fix It did not prevent all those paths.”

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …