Shulou(Shulou.com)06/02 Report--

Windows system JScript components have been exposed that there is a 0day RCE how to do, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.

Recently, Dmitri Kaslov, a security research expert from Telspace Systems, discovered a serious security vulnerability in the JScript component of the Windows operating system that would allow an attacker to execute malicious code on the target host.

In January of this year, Kaslov discovered this 0 day vulnerability through trend Technology Zero-Day Initiative (ZDI) service and reported the vulnerability information to the Microsoft team through ZDI's security experts. It was four months before Microsoft officially released an updated patch to fix the vulnerability.

ZDI usually waits about 120 days to disclose the details of the vulnerability, according to the official security announcement issued by ZDI:

"this vulnerability allows an attacker to execute arbitrary code on the target Windows host, and in the process of exploiting this vulnerability, the attacker needs to find a way to interact with users and allow them to access a malicious page or open a malicious file. The flaw is due to Jscript's improper handling of Error objects. By executing malicious code in a script file, an attacker can reuse the target pointer after the pointer is released. As a result, an attacker will be able to exploit this vulnerability to execute arbitrary code in the current process environment. "

Currently, the vulnerability has a CVSSv2 severity rating of 6.8 (10).

In the process of exploiting this vulnerability, the attacker needs to trick the user into visiting a specific malicious Web page, or download and open a malicious JS file on the host.

The good news is that this vulnerability does not help attackers gain full control of the target host because attackers can only execute their malicious code in a sandboxed environment. Of course, attackers can also combine other sandboxing techniques and execute their malicious code in the target host environment.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.