Microsoft Zero-Day for JScript

Remote Code Execution Vulnerability Disclosed

Researchers at Telspace Systems have advised they have found a Zero Day exploit, but no fix is yet available. The release date has been estimated to be in the July 2018 Patch Tuesday, however we will let you know when a fix is announced.

The issue lies in Microsoft’s ECMAScript standard – its JScript component used in Internet Explorer. In this case, JScript is implemented as an active scripting engine.The flaw could allow code execution within a sandboxed environment which usually is protected from access. An attacker can then leverage the vulnerability to execute code under the context of the current process.

How to Patch More Efficiently

Syxsense is the solution for your patching needs. At a glance, you can easily tell which devices need updates. Our color-coded indicators tell you the severity and number of patches a device requires. Then it’s a few simple steps to set up an automated patch deployment. You can ensure no work is interrupted by scheduling patches to be deployed around business hours.

Related Posts

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

April 17, 2024
In the News: Why 92% of Security Professionals Worry About Generative AI

In the News: Why 92% of Security Professionals Worry About Generative AI

April 16, 2024
April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 9, 2024
In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

March 29, 2024