Magniber Hunts Internet Explorer Vulnerability

End of life for Internet Explorer is fast approaching, the Magniber ransomware gang has begun exploiting two patched vulnerabilities in Microsoft’s legacy browser to launch attacks on unsuspecting users.

The Internet Explorer vulnerabilities being exploited in Magniber’s latest round of cyberattacks are tracked as CVE-2021-26411 and CVE-2021-40444 and both vulnerabilities have a high CVSS score of 8.8.

While the first vulnerability is a memory corruption flaw triggered by viewing a specially crafted website, it was patched by Microsoft back in March of this year. The second vulnerability enables remote code execution in Internet Explorer’s rendering engine by opening a malicious document but it was also patched by the software giant back in September.

The Internet Explorer vulnerabilities now being used by the group are also easy to trigger as they only require a potential victim to open a file or webpage.While most organizations and individuals have switched to using modern browsers like Google Chrome and Microsoft Edge, 1.15 percent of page views worldwide still come from Internet Explorer.

As the Magniber ransomware is still in active development and its payload has been completely rewritten three times, those concerned about falling victim to this latest round of attacks from the group should stop using Internet Explorer and switch to another browser that uses auto-updates ASAP.