Internet Explorer Zero-Day Vulnerability Exploited by APT 37
Internet Explorer Zero-Day Vulnerability Exploited by APT 37
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
North Korean hackers identified as APT37 exploited a previously unknown Internet Explorer zero-day vulnerability to infect South Koreans, North Korean defectors, policymakers, journalists, and human rights activists. The vulnerability is discovered in the browser’s “JScript9” JavaScript engine, and when exploited by remote attackers, it allows them to inject malicious code into a target system.