With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers.
Microsoft’s December security updates include patches for a total of 36 vulnerabilities, of which 7 are critical, 27 important, 1 moderate, and 1 low in severity; brief information on them appears later in this article.
Tracked as CVE-2019-1458 and rated as Important, the newly patched zero-day Win32k privilege escalation vulnerability, reported by Kaspersky, was used in Operation WizardOpium attacks to gain higher privileges on targeted systems by escaping the Chrome sandbox.
Although Google addressed the flaw in Chrome 78.0.3904.87 with the release of an emergency update last month after Kaspersky disclosed it to the tech giant, hackers are still targeting users who are using vulnerable versions of the browser.
As The Hacker News reported last month, Operation WizardOpium involved a compromised Korean-language news portal where attackers secretly planted a then-zero-day Chrome exploit to hack the computers of its visitors.
According to Kaspersky researchers, the Chrome use-after-free exploit was chained together with the newly patched EoP flaw that exists in the way the Win32k component in Windows OS handles objects in memory.