Two Zero-Days Fixed in This Month’s Patch Tuesday
July 10, 2019 / Phil Muncaster
Microsoft patched 77 vulnerabilities yesterday, including two zero-day flaws, one of which was being used in a targeted attack bearing the hallmarks of Russian state hackers.

The monthly update round saw Redmond fix privilege escalation vulnerabilities CVE-2019-0880 and CVE-2019-1132. The latter was discovered by ESET researchers as part of a targeted attack in eastern Europe, using techniques similar to those of the infamous Kremlin group APT28 (aka Fancy Bear, Sednit).

“For example, the Sednit group’s local privilege escalation exploit we analyzed in 2017 used menu objects and exploitation techniques, which are very similar to the current exploit,” ESET researcher Anton Cherepanov explained.

Like the other zero-day, CVE-2019-1132 requires an attacker to first establish a presence on an infected system, but it could enable full system access when chained with other flaws.