Last Updated: January 19 @ 15:40
Memory corruption in jscript.dll
Exploitable via Internet Explorer 9 through 11
On Microsoft Windows 7 through 10 and Server 2008 through Server 2016
Being actively exploited
<Sysmon schemaversion="4.22"> <EventFiltering> <RuleGroup name="" groupRelation="or"> <ImageLoad onmatch="include"> <ImageLoaded name="technique_id=1189,technique_name=Drive-by Compromise,note=Possible CVE-2020-0674 Exploit - just checks for jscript.dll being loaded though so don't get too excited" condition="end with">jscript.dll</ImageLoaded> </ImageLoad> </RuleGroup> </EventFiltering> </Sysmon>
Qihoo 360 tweet talked about a vuln affecting IE and Firefox – now deleted – related?
Are any sites delivering the payload known?
Any indicators of which actors?
These vulnerabilities share mitigation advice and are in the same component
This post is curated by the team at NCC Group/Fox-IT – https://www.nccgroup.trust/
Thanks to the Courtesy of :