ZDNet

Internet Explorer scripting engine becomes North Korean APT's favorite target in 2018

Internet Explorer's scripting engine was the favorite target of a North Korean cyber-espionage group this year, after the hackers deployed two zero-days, but also crafted new exploits for two other ...
Bleeping Computer

Zero-Day In Microsoft's VBScript Engine Used By Darkhotel APT

A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation. VBScript is available in the latest versions of ...
Threat Post

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw

The recently-patched flaw could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Researchers have discovered that the Darkhotel APT is ...
GIGAZINE

Zero-day vulnerability in Microsoft's VBScript, whether a North Korean hacker group is misused

VBScript is a scripting engine that can be used with the latest versions of Windows and Internet Explorer 11. However, since the execution of VBScript is invalid with the browser's default setting in ...
TechSpot

Microsoft's Patch Tuesday fixes zero-day exploit and privilege escalation vulnerability

As part of Microsoft's monthly Patch Tuesday updates, a critical flaw in Windows has been patched that is actively being exploited. A vulnerability in the VBScript engine allowed for a zero-day ...
ZDNet

Windows critical flaw: This security bug is under attack right now, says Microsoft

Microsoft's Patch Tuesday update addresses a critical flaw in the Windows VBScript engine that attackers are using to compromise Windows machines through Internet Explorer. The patch follows an alarm ...