Remote Code Execution Vulnerability Found in Windows Internet Key Exchange

25-Nov-22

Targeting Windows Internet Key Exchange (IKE) Protocol Extensions, a number of exploits have been discovered in the wild. Almost 1000 computers might have been targeted using the vulnerabilities found, according to a new advisory that security firm Cyfirma recently published with Infosecurity.

A Mandarin-speaking threat actor’s campaign that roughly translates to “bleed you” would include the attacks that the company saw. Additionally, the Cyfirma Research team has seen unidentified hackers share an exploit URL on darknet forums that might be used to attack weak systems.

Read More…