White Hat Institute

Microsoft released an update to address a zero-day exploit used to propagate Emotet malware


Microsoft has released patches to fix a number of security flaws in Windows and other applications, including one that is being aggressively exploited to spread malware payloads such as Emotet, TrickBot, and Bazaloader.

According to the Zero Day Initiative, the monthly release for December resolves a total of 67 issues, bringing the number of bugs fixed by the company this year to 887. Seven of the 67 vulnerabilities are classified as critical and the remaining 60 as important, with five of the issues being widely known at the time of publication. These are separate from the 21 issues in the Chromium-based Microsoft Edge browser that have been fixed.

CVE-2021-43890 (CVSS score: 7.1) is by far the most serious of the bunch: a Windows AppX launcher spoofing vulnerability that Microsoft says could be exploited to gain arbitrary code execution.

The lower severity score reflects the fact that code execution depends on the logged-on user, meaning that users whose accounts are set up with limited privileges on the system may be less affected than users with administrator privileges.

According to the Redmond-based tech giant, an attacker could exploit the issue by creating a malicious file and using it in a phishing campaign that tricks users into opening the email attachment. The vulnerability was discovered by Sophos cybersecurity experts Andrew Brandt, Rick Cole, and Nick Carr of the Microsoft Threat Intelligence Center (MSTIC).

“Microsoft is aware of attempts that seek to exploit this flaw by using specially designed packages that comprise malware from the Emotet/Trickbot/Bazaloader family,” the company stated. The news comes as Emotet activity resumes after a 10-month break due to a coordinated law enforcement effort to limit the botnet’s spread.