Internet Explorer zero-day exploit used in targeted attacks in South Korea

May 10, 2016

Attackers have exploited an Internet Explorer zero-day vulnerability in limited targeted attacks that affected South Korea. The exploit for the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2016-0189) appears to have been hosted on a web page, which suggests that attackers used spear-phishing emails or watering hole attacks to compromise users.

Microsoft fixed the zero-day vulnerability in its latest Patch Tuesday release.

Attacks against CVE-2016-0189

Attackers took advantage of the CVE-2016-0189 vulnerability before Microsoft patched it. They may have distributed the exploit through a link included in a spear-phishing email or a compromised, legitimate website that redirected users to the exploit.

Read full story…