Microsoft Zero-Day for JScript

Remote Code Execution Vulnerability Disclosed

Researchers at Telspace Systems have advised they have found a Zero Day exploit, but no fix is yet available. The release date has been estimated to be in the July 2018 Patch Tuesday, however we will let you know when a fix is announced.

The issue lies in Microsoft’s ECMAScript standard – its JScript component used in Internet Explorer. In this case, JScript is implemented as an active scripting engine.The flaw could allow code execution within a sandboxed environment which usually is protected from access. An attacker can then leverage the vulnerability to execute code under the context of the current process.

How to Patch More Efficiently

Syxsense is the solution for your patching needs. At a glance, you can easily tell which devices need updates. Our color-coded indicators tell you the severity and number of patches a device requires. Then it’s a few simple steps to set up an automated patch deployment. You can ensure no work is interrupted by scheduling patches to be deployed around business hours.