Posted by 
A new blog post from Google’s Threat Analysis Group (TAG) reveals that an Internet Explorer zero-day vulnerability was actively exploited by North Korea in October 2022. The attack targeted South Korean users by embedding malicious malware into documents that reference the recent Itaewon crowd crush tragedy in Seoul.
The Internet Explorer web browser was officially retired back in June earlier this year and has since been replaced by Microsoft Edge. However, as TAG’s technical analysis explains, Office is still using the IE engine to execute the JavaScript that enables the attack, which is why it worked on Windows 7 through 11 and Windows Server 2008 through 2022 machines that haven’t installed new November 2022 security updates.
TAG…
Source: TheVerge
