Rewterz Threat Alert – Trick Bot – Fake Payroll Emails to Conduct Phishing Attacks
December 10, 2019Rewterz Threat Alert – Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus
December 11, 2019Rewterz Threat Alert – Trick Bot – Fake Payroll Emails to Conduct Phishing Attacks
December 10, 2019Rewterz Threat Alert – Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus
December 11, 2019Severity
High
Analysis Summary
A Google Chrome 0-day was first exploited in online attacks called Operation WizardOpium attacks ( the 0-day was assigned CVE-2019-13720). Google released Chrome version 78.0.3904.87 for Windows to patch this vulnerability.
Recently, WizardOpium has chained this Chrome 0-day with another Windows 0-day (CVE-2019-1458), which is being exploited to acquire privilege escalation on targeted systems by escaping the Chrome sandbox. This windows zero-day (Win32k) privilege escalation vulnerability has been patched in Microsoft December updates.
Impact
- Code execution
- Privilege Escalation
Affected Vendors
- Microsoft
Affected Products
- Windows
- Google Chrome
Remediation
- Update any computers running Windows 7 or Windows Server 2008 R2 (support ends for both on January 14th, 2020.
- Immediately update to Chrome version 78.0.3904.87 for Windows.
- Immediately update Windows to secure version. For installing the latest Windows security updates, you can head on to Settings > Update & Security > Windows Update > Check for updates on your PC, or you can install the updates manually.