Microsoft Windows users have received an urgent warning to apply this month’s update promptly. A recent zero-day attack, affecting both Windows 10 and Windows 11, underscores how unsupported Windows versions can still be exploited by threat actors, potentially infecting unsuspecting users with ransomware, backdoors, or other types of malware.

Internet Explorer, once considered defunct, still lurks beneath the surface on most Windows machines. These cunning attacks exploit IE, awakening it to wreak havoc. Beware, the consequences can be devastating.

The severity of the new Internet Explorer (IE) threat became evident when Microsoft’s July update advisory acknowledged active exploits in the wild. The US Cybersecurity and Infrastructure Security Agency (CISA) promptly added it to the Known Exploited Vulnerabilities (KEV) catalog, imposing a 21-day update mandate for all US federal agencies. Additionally, Check Point Research released a comprehensive report detailing the threat and their disclosure to Microsoft.

The threat level associated with CVE-2024-38112 has escalated further due to a recent report from Trend Micro. The report highlights active attacks that exploit a clever technique to revive Internet Explorer. Trend Micro attributes the attacks to Void Banshee, an advanced persistent threat (APT) group targeting victims across the US, Asia, and Europe. The research team reports that these attacks specifically aim to install the Atlantida stealer on victims’ machines, targeting applications such as messengers and crypto wallets to steal login credentials, cookies, and security codes.

The malicious link triggering these attacks is specifically coded to open in Internet Explorer (IE) rather than Edge or Chrome. Users may unwittingly click on a cloud-based PDF, not realizing it is an internet address. To mitigate the threat, simply update your Windows PC.

The surprising twist lies in Internet Explorer’s unexpected resurgence. Although officially disabled in later versions of Windows 10 and all editions of Windows 11, remnants of IE persist within the modern Windows system. These remnants, while inaccessible to the average user, still exist.

In these reports, we have observed some variation, but the ultimate outcome remains consistent: users are enticed to click on URLs bundled with a hazardous MHTML handler, instructing the system to open Internet Explorer instead of a newer, more secure alternative.
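For defenders who want to check mail attachments or download folders for this pattern, here is an added example (not code from Microsoft, Check Point, or Trend Micro) that flags link files whose target uses the MHTML handler. It assumes the link arrives as a Windows Internet Shortcut (`.url`) file; the function names, the lookalike-name check, and the sample files are constructed for illustration.

```python
import re

# Constructed sample shortcut files (name -> contents); not taken from any report.
SAMPLES = {
    "Q3-report.pdf.url": "[InternetShortcut]\r\nURL=MHTML:http://files.example.invalid/Q3-report.pdf\r\n",
    "intranet.url": "[InternetShortcut]\r\nURL=https://intranet.example.invalid/\r\n",
}

# Schemes that hand the link to the legacy IE engine; the article names MHTML.
LEGACY_SCHEMES = {"mhtml"}

def shortcut_target(text):
    """Return the URL= value from the [InternetShortcut] section, or None."""
    section = None
    for raw in text.splitlines():
        line = raw.strip().lstrip("\ufeff")  # tolerate a leading byte-order mark
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "internetshortcut" and "=" in line:
            key, _, value = line.partition("=")
            if key.strip().lower() == "url":
                return value.strip()
    return None

def scheme_of(url):
    """Lower-cased URL scheme, ignoring stray whitespace and letter case."""
    match = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", re.sub(r"\s+", "", url))
    return match.group(1).lower() if match else ""

def review_shortcut(name, text):
    """Return the list of findings for one shortcut file (empty if clean)."""
    url = shortcut_target(text)
    if url is None:
        return []
    findings = []
    if scheme_of(url) in LEGACY_SCHEMES:
        findings.append("mhtml-handler")
    # Assumption: a name like report.pdf.url is meant to pass as a document.
    if re.search(r"\.(pdf|docx?|xlsx?)\.url$", name, re.I):
        findings.append("document-lookalike-name")
    return findings

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, review_shortcut(name, text) or "ok")
```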

Internet Explorer was a security nightmare during its active days. It is even more concerning now because IE has historically been a vast attack surface and no longer receives updates or security fixes. Fortunately, Microsoft’s July update has disabled the MHTML protocol handler, thwarting this type of attack. However, you MUST INSTALL THE UPDATE!!!
