Home Lead Story Microsoft Wor...

Microsoft Works To Fix Security Bug Issue in Internet Explorer

The vulnerability was found in how Internet Explorer handles memory

0
Microsoft
Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates. Pixabay

 Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date.

The vulnerability was first reported by US Homeland Security on Friday evening, although the issue is not limited to American devices. Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates.

The vulnerability was found in how Internet Explorer handles memory. An attacker could use the flaw to remotely run malicious code on an affected computer, such as tricking a user into opening a malicious website from a search query or a link sent by email, TechCrunch reported recently.

“The company is only aware of limited targeted attacks for which it is already working on a fix,” the report quoted a Microsoft spokesperson. The tech giant assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Qihoo 360, a China-based security research team helped Microsoft in finding this flaw and it is believed to be a similar vulnerability as one disclosed by Mozilla, the maker of the Firefox browser.

As per report, neither Qihoo, Microsoft, nor Mozilla said how attackers were exploiting the bug, who the attackers were, or who was being targeted. Microsoft assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Microsoft
Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date. Pixabay

Additionally, according to information gathered by PreciseSecurity.com, Microsoft Office products were the most commonly exploited by cybercriminals around the world and nearly 73 per cent of cyber exploits were performed in MS Office products in the third quarter of 2019.

ALSO READ: Tesla Owners Unintentionally Buy Software Updates, Face Troubles in Getting Refunds

MS Office products were followed by Browsers with 13.47 per cent of the total number of exploits by cybercriminals, Android with 9.09 per cent, Java with 2.36 per cent, Adobe Flash with 1.57 per cent and PDF with 0.66 per cent. (IANS)

Next Story

Special Olympics Partners Microsoft, Xbox to Organise Online Gaming Tournament

The tournament is scheduled to be held on May 30

0
Xbox
Special Olympics has partnered Microsoft and Xbox to organise a gaming tournament on May 30. Pixabay

Special Olympics has partnered Microsoft and Xbox to organise a gaming tournament on May 30 and fans can watch livestreamed Forza Motorsport 7 racing on Mixer, Xbox YouTube or Twitch.

There will be a first-ever Special Olympics award ceremony on gaming platform Minecraft.

“We’re partnering with the Special Olympics to keep athletes connected and maintain the joy of sports, using the power of Xbox,” Microsoft CEO Satya Nadella tweeted.

Special Olympics is the world’s largest sports organisation for children and adults with intellectual disabilities and physical disabilities, providing year-round training and activities to 5 million participants and Unified Sports partners in 172 countries.

Phil Spencer, Head of Xbox, said it is a great partnership with the amazing team at Special Olympics to bring gaming to the 2020 Special Olympics.

“Incredibly proud of all the teams that are making this possible and can’t wait to see the Olympians running some fast laps,” he said.

Back in 2018, Xbox hosted the first video gaming tournament at a Special Olympics event during Special Olympics USA Games held in Seattle, Washington.

xbox
Xbox hosted the first video gaming tournament at a Special Olympics event in 2018. Pixabay

“This year, Microsoft and Special Olympics are teaming up for the 2020 Special Olympics Xbox Virtual Gaming Event featuring Turn 10 Studios’ Forza Motorsport 7,” said the company.

Also Read: Yogi Performs ‘Rudrabhishek’ for Safety of Mankind from Corona

Eleven US states will be represented in this year’s event with over 35 athletes participating.

Microsoft and Special Olympics have been working together since 2014 with the goal of empowering Special Olympics athletes and programmes through technology.

Throughout the partnership, technologies such as Xbox and Microsoft Teams have been tools to bring adults and children with intellectual disabilities together in the face of a host of obstacles. (IANS)

Next Story

Intel-Microsoft Collaborated Project Turns Malware into Images

Intel and Microsoft joined hands to work on the study

0
Microsoft
Intel-Microsoft joint project to turn malware into images. Pixabay

Researchers from Intel and Microsoft have joined forces to study the use of deep learning for malware threat detection in a project that first converts malware into images.

The basis for this study is the observation that if malware samples are turned into grayscale images, the textural and structural patterns can be used to effectively classify them as either benign or malicious, as well as cluster malicious samples into respective threat families, Microsoft said.

The researchers used an approach that they called static malware-as-image network analysis (STAMINA), Jugal Parikh and Marc Marino from Microsoft Threat Protection Intelligence Team wrote in a blog post.

For the first part of the collaboration, the researchers built on Intel’s prior work on deep transfer learning for static malware classification and used a real-world dataset from Microsoft to ascertain the practical value of approaching the malware classification problem as a computer vision task.

Using the dataset from Microsoft, the study showed that the STAMINA approach achieves high accuracy in detecting malware with low false positives.

The results were detailed in a paper titled “STAMINA: Scalable deep learning approach for malware classification”.

intel-logo
The researchers used an approach that they called static malware-as-image network analysis (STAMINA). Wikimedia Commons

Read More: Healthy Eating Habits in Toddlers Reduces Chances Of Heart Realted Risks Later: Study

To establish the practicality of the STAMINA approach, which posits that malware can be classified at scale by performing static analysis on malware codes represented as images, the study covered three main steps: image conversion, transfer learning, and evaluation.

The study was performed on a dataset of 2.2 million PE file hashes provided by Microsoft. This dataset was temporally split into 60:20:20 segments for training, validation, and test sets, respectively.

The joint research encourages the use of deep transfer learning for the purpose of malware classification. (IANS)

Next Story

This Hacker Group is Selling User Data From 10 Firms For INR 13.6 Lakh Approx

The same hacker group was also behind selling a database of 22 million user records form online learning platform Unacademy on the Dark Web

0
Hackers
The hacker group is known as ShinyHunters, the same group behind breaching private repositories on Microsoft-owned GitHub (the hacker is believed to have acquired around 1,200 private repositories) and Tokopedia. Pixabay

A hacker group is selling data of 10 companies including online dating app Zoosk, US newspaper Star Tribune and food delivery service Chef that contains over 73 million user records over the Dark Web for $18,000 (nearly Rs 13.6 lakh).

Other companies are printing service Chatbooks, South Korean fashion platform SocialShare, online marketplace Minted, online newspaper Chronicle of Higher Education, South Korean furniture magazine GGuMim, health magazine Mindful and Indonesia online store Bhinneka, reports ZDNet. The listed databases have 73.2 million user records, with each database sold separately.

Please Follow NewsGram on Facebook To Get Latest Updates From Around The World!

The hacker group is known as ShinyHunters, the same group behind breaching private repositories on Microsoft-owned GitHub (the hacker is believed to have acquired around 1,200 private repositories) and Tokopedia, Indonesia’s largest online store where a database of over 90 million user records was sold. A Microsoft spokesperson was quoted as saying that the company is investigating the incident.

The same hacker group was also behind selling a database of 22 million user records form online learning platform Unacademy on the Dark Web. Bengaluru-based edtech firm Unacademy said the all the sensitive data of its users was safe and the company was addressing the security issue.

Hackers
A hacker group is selling data of 10 companies including online dating app Zoosk, US newspaper Star Tribune and food delivery service Chef that contains over 73 million user records over the Dark Web for $18,000 (nearly Rs 13.6 lakh). Pixabay

“We would like to assure our users that no sensitive information such as financial data or location has been breached,” said Hemesh Singh, Co- Founder and CTO, Unacademy. Encouraged by the profits from the Tokopedia sale, the same group has now listed the databases of 10 more companies.

“Some believe the ShinyHunters group has ties to Gnosticplayers, a hacker group that was active last year that sold more than one billion user credentials on dark web marketplaces, as it operates on a nearly identical pattern,” according to the report.

ALSO READ: 14-Day Home Quarantine Compulsory for Keralites Returning From Other States: Kerala CM

BleepingComputer reported that cyber intelligence firm ZeroFox informed them that Shiny Hunters had begun selling databases for the meal kit delivery service HomeChef, photo print service ChatBooks, and Chronicle.com, a news source for higher education. (IANS)