Microsoft's Windows 0-Day Vulnerability Hacked for a Year Before Getting Fixed

As found by cybersecurity researchers.

Microsoft's Windows 11 and 10 were reportedly hacked for over a year by cybercriminals through Internet Explorer's aging code before the tech giant could fix it.

According to sources, threat actors launched zero-day attacks on Windows users, infecting computers with malware that caused them to launch Internet Explorer, a legacy browser that Microsoft retired in 2022 because its aging code base made it increasingly prone to vulnerabilities.


Following the retirement, Windows made it difficult, if not impossible, for ordinary users to launch the browser, which was first offered in the mid-1990s.

According to researchers who discovered the flaw and reported it to Microsoft, harmful software exploiting the issue dates back roughly to January 2023 and was distributed as recently as May.

The vulnerability, CVE-2024-38112, was fixed on Tuesday as part of the firm's monthly patching release cycle. It was found in Windows' MSHTML engine and had a severity rating of 7.0 out of 10.

Check Point researchers say the attack code used previously undiscovered methods to lure Windows users into enabling remote code execution. A link that appeared to open a PDF file had a .url extension appended to the end of the file name, such as Books_A0UJKO.pdf.url, which was identified in one of the malicious code samples.

When viewed on Windows, the file displayed an icon indicating that it was a PDF rather than a .url file. These files are intended to open the program given in a link. A detailed breakdown of the attack was then explained in this report.
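A defender can hunt for this lure by looking for .url shortcuts whose name carries a document extension before the real suffix, then reading where the shortcut points. The following Python check is an added example, not code from Check Point or Microsoft; the decoy-extension list, the function names and the sample shortcut contents are constructed for illustration.

```python
import configparser
from pathlib import Path

# Assumed list of document extensions a lure may place before the real ".url" suffix.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".rtf", ".txt"}

# Constructed sample of a Windows Internet Shortcut; URL and icon path are placeholders.
SAMPLE = r"""[InternetShortcut]
URL=https://example.invalid/landing
IconFile=C:\placeholder\viewer.exe
IconIndex=0
"""

def parse_shortcut(text):
    """Return the keys of the [InternetShortcut] section as a lowercase-keyed dict."""
    parser = configparser.RawConfigParser(strict=False, delimiters=("=",))
    try:
        parser.read_string(text)
    except configparser.Error:
        return {}  # not INI-shaped: nothing to report
    for section in parser.sections():
        if section.lower() == "internetshortcut":
            return dict(parser.items(section))
    return {}

def check_shortcut(name, text):
    """Return a finding if `name` is a .url file posing as a document, else None."""
    suffixes = [s.lower() for s in Path(name).suffixes]
    if len(suffixes) < 2 or suffixes[-1] != ".url" or suffixes[-2] not in DECOY_EXTS:
        return None
    keys = parse_shortcut(text)
    return {"file": name, "decoy_ext": suffixes[-2], "url": keys.get("url"),
            "icon_overridden": "iconfile" in keys}  # a custom icon hides the shortcut type

def scan_dir(root):
    """Walk `root` and return findings for every disguised .url file under it."""
    findings = []
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() == ".url":
            hit = check_shortcut(path.name, path.read_text(errors="replace"))
            if hit:
                hit["file"] = str(path)
                findings.append(hit)
    return findings

if __name__ == "__main__":
    print(check_shortcut("Books_A0UJKO.pdf.url", SAMPLE))
```

Run `scan_dir` over download and mail-attachment folders; ordinary bookmarks such as `Bookmarks.url` are ignored because they have no document extension in front of `.url`.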

Hacked Microsoft Applications

The latest study is just one example of how Microsoft apps continue to be targeted by various threat actors. Research reported in early June uncovered a concerning security hole that may let anybody appear to be an employee of the tech giant when sending an email to Outlook accounts, making phishing attacks simpler to execute.

Vsevolod Kokorin, also known as Slonser online, claimed to have identified the email-spoofing vulnerability and reported it to Microsoft. However, the latter dismissed his report, noting that it could not reproduce his findings.

Kokorin shared his findings on X (formerly Twitter). As a result, Kokorin decided to educate the public about the vulnerability on X without providing any technical details that may help in its exploitation. The problem has yet to be resolved.

Kokorin argues that the flaw only affects emails sent to Outlook accounts. Still, according to Microsoft's most recent financial report, Outlook has a global user base of at least 400 million. According to reports, no one other than Kokorin uncovered or used the weakness maliciously.

Microsoft Office's Hacking Tendencies

Based on the Software Vulnerability Ratings Report 2024, Microsoft Office has the most vulnerabilities overall of any office program. Remote code execution (RCE) flaws account for 40-50% of the over 80% of significant vulnerabilities reported annually. Furthermore, 5% more individuals were using it in 2023.

Office apps are more vulnerable to hacking than other types of software since they are user-facing and prone to human error. Phishing attempts may target common user actions such as visiting embedded links, activating macros, and opening documents.

An attack of this nature has the highest potential for success since Microsoft Office is widely used, relied on, and recognized by users. The authors foresee an increase in phishing attacks targeting Microsoft Office issues.

Written by Aldohn Domingo
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.