Google discovered North Korea exploiting an Internet Explorer zero-day vulnerability in October
by Jess Weatherbed from The Verge - All Posts on (#66KJR)
Google's Threat Analysis Group discovered that an Internet Explorer zero-day vulnerability was used to lure victims using Microsoft Office documents referencing the Itaewon Halloween crowd crush tragedy. | Photo by Amelia Holowaty Krales / The Verge
A new blog post from Google's Threat Analysis Group (TAG) reveals that an Internet Explorer zero-day vulnerability was actively exploited by North Korea in October 2022. The attack targeted South Korean users by embedding malicious malware into documents that reference the recent Itaewon crowd crush tragedy in Seoul.
The Internet Explorer web browser was officially retired back in June earlier this year and has since been replaced by Microsoft Edge. However, as TAG's technical analysis explains, Office is still using the IE engine to execute the JavaScript that enables the attack, which is why it worked on Windows 7 through 11 and Windows Server 2008 through 2022 machines that haven't installed new November 2022 security updates.
TAG...