By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.

A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation. VBScript is available in the latest versions of Windows and in Internet Explorer 11. In recent versions of Windows, though, Microsoft in the default configuration of its browser, making it immune to the vulnerability. There are other methods to load scripts, though. For instance, applications in the Office suite rely on the IE engine to load and render web content. Security researchers from Trend Micro noticed a VBScript vulnerability being exploited in the wild a day after Microsoft delivered its regular updates for Windows in July. Now tracked as CVE-2018-8373, the bug has been addressed in this month's patch delivery. It is a use-after-free memory corruption that allows the attacker to run shellcode on the compromised computer. After analyzing the exploit code, researchers discovered that it shared the obfuscation technique used by exploits for an older VBScript vulnerability also used in the wild and patched in May, CVE-2018-8174. Also known as Double Kill, the vulnerability was reported by experts at Chinese security company Qihoo 360. Get better informed by visiting W10NI.