• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • GITEX
  • Digital Magazine
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

Kaspersky Lab uncovers new Windows zero day exploit

by Sarah Rizvi
January 6, 2019
in News
Kaspersky Lab uncovers new Windows zero day exploit

Kaspersky Lab technologies have automatically detected a new exploited vulnerability in the Microsoft Windows OS kernel, the third consecutive zero-day exploit to be discovered in three months. The latest exploited vulnerability (CVE-2018-8611) was found in malware targeting a small number of victims in the Middle East and Asia.

According to the Kaspersky Lab report, the exploit is particularly dangerous because the vulnerability exists in the kernel mode module of the operating system and can be used to bypass built-in exploit mitigation mechanisms in modern web browsers, including Chrome and Edge. The vulnerability has been reported to Microsoft, which has released a patch.

Zero-day vulnerabilities are previously unknown, and therefore unpatched, software bugs that attackers can exploit to gain access to victim systems and devices. They are immensely valuable to threat actors, and difficult to detect.

All three exploits were detected by Kaspersky Lab’s Automatic Exploit Prevention technology, embedded in most of the company’s products. Like the previous two exploited vulnerabilities (CVE-2018-8589 and CVE-2018-8453), patched by Microsoft in October and November respectively, the latest exploit was found used in-the-wild targeting victims in the Middle East and Africa. The exploit for CVE-2018-8589 was called “Alice” by the malware writers, who also referred to the latest exploit as “Jasmine”. Kaspersky Lab researchers believe that the new vulnerability has been exploited by multiple threat actors, including a new advanced persistent threat (APT) called Sandcat.

“The detection of three kernel mode zero-days within a few months is evidence that our products use the best technologies, which are capable of detecting such sophisticated threats. For organisations, it is important to understand that to protect their perimeter they should use a combined solution, like endpoint protection with an advanced threat detection platform,” said Anton Ivanov, a security expert at Kaspersky Lab.

Kaspersky Lab recommends the following security measures such as: installing Microsoft’s patch for the new vulnerability; making sure all software used in your organisation are updated on a regular basis, and whenever a new security patch is released.

Security products with Vulnerability Assessment and Patch Management capabilities may help to automate these processes. According to the company, other security measures include: choosing a proven security solution such as Kaspersky Endpoint Security that is equipped with behavior-based detection capabilities for effective protection against known and unknown threats, including exploits; using advanced security tools like Kaspersky Anti Targeted Attack Platform (KATA) if your company requires highly sophisticated protection; making sure your security team has access to the most recent cyber threat intelligence; finally, ensuring your staff is trained in the basics of cybersecurity hygiene.

Tags: cyber threat intelligenceCybersecurityfeatured3Kaspersky LabmalwareMiddle EastSecurityThreat IntelligenceWindowszero day exploit
ShareTweet

Related Posts

Gartner forecasts rise of Guardian agents
Future

Gartner forecasts rise of Guardian agents

By 2030, guardian agent technologies will account for at least 10 to 15% of agentic AI markets, according to Gartner....

June 12, 2025
Deloitte ME advances AI integration with launch of Global Agentic Network
Future

Deloitte ME advances AI integration with launch of Global Agentic Network

Deloitte has launched its Global Agentic Network, a strategic initiative designed to scale AI-driven digital workforce solutions for organisations around...

June 12, 2025

Discussion about this post

Latest Issue

Gartner forecasts rise of Guardian agents

Gartner forecasts rise of Guardian agents

June 12, 2025
Deloitte ME advances AI integration with launch of Global Agentic Network

Deloitte ME advances AI integration with launch of Global Agentic Network

June 12, 2025
TeKnowledge and Kore.ai partner to close the enterprise AI execution gap

TeKnowledge and Kore.ai partner to close the enterprise AI execution gap

June 12, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2024 - CXO Insight Middle East. All Rights Reserved.