A Kaspersky Lab (19) announced today that its Exploit Automatic Prevention technology has detected, in less than a month, a second zero-day vulnerability in Microsoft Windows to be explored in a series of cyber attacks in the Middle East. After being reported, the vulnerability was corrected by Microsoft in November 13.
The malicious actions targeted corporate customers and the attacks resorted to new malware that exploited a previously unknown vulnerability in Windows. Kaspersky reports that it reported the breach to Microsoft as soon as it was discovered and that the Seattle company already fixed the vulnerability on October 9.
Kaspersky points out that a zero-day attack by means of a vulnerability is one of the most dangerous cyber threats, since it involves exploiting a vulnerability that is still being discovered and repaired. If it is found by malicious agents, such vulnerability can be used to create an exploit that will open access to the entire system.
The attacks targeted about 12 different organizations in the Middle East and happened last summer in the United States. According to company experts, it is not possible to determine which group is behind the vulnerability discovery, but the exploit of this vulnerability is being used in APT attacks by more than one group.
"In a month, we discovered two new zero-day vulnerabilities and several attacks targeting the same region. The discretion of cybercriminals reminds us that it is extremely important to have smart tools and solutions that can protect companies against sophisticated threats like these. Otherwise, they can become victims of targeted attacks, "says Anton Ivanov, security expert at Kaspersky Lab.