Cybersecurity Advisory: Patches for 6 Actively Exploited Zero Days
It's important that organizations deploy last week's "Patch Tuesday" patches as soon as possible. These patches include several critical, high, and...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
1 min read
Daniel Guidry : Sep 23, 2019 12:00:00 AM
Affected Software: Internet Explorer 11 on Windows Server 2012 R2, Internet Explorer 11 on Windows Server 2012, Internet Explorer 11 on Windows Server 2008 R2 SP1, Internet Explorer 11 on Windows 8.1, Internet Explorer 11 on Windows 7 SP1, Internet Explorer 10 on Windows Server 2012, Internet Explorer 9 on Windows Server 2008 SP2.
CVE: CVE-2019-1367
Type: Remote Code Execution
Exploit Status: Exploited but not Public
Rating: Critical
Vulnerability Summary: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could run arbitrary code in the context of the current user.
If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The IE vulnerability stems from how the browser's scripting engine handles objects in memory. The flaw permits an attacker to "execute code in the context of the current user," including system administrators if that's the case. It's present in IE 11 on Windows 10 and Windows Server 2019, IE 10 on Windows Server 2012, and IE 9 on Windows Server 2008 Service Pack 2.
Impact: Remote Code Execution allowing an attacker to run arbitrary code.
Mitigation: Ingalls encourages clients and partners to immediately deploy Cumulative security update for Internet Explorer: September 23, 2019 (https://support.microsoft.com/en-us/help/4522007/cumulative-security-update-for-internet-explorer)
Ingalls recommends the following the fix actions as recommended by Microsoft:
Update all versions of Internet Explorer on all Windows PC and Server platforms using the link above for installation instructions and update downloads.
It's important that organizations deploy last week's "Patch Tuesday" patches as soon as possible. These patches include several critical, high, and...
The Veeam Distribution Service installed on Veeam Backup & Replication servers runs on TCP 9380 with default settings, and allows unauthenticated...
These vulnerabilities are currently being exploited in the wild. As of October 21st, there are nearly 48,000 web-exposed servers with these...