• Details from Kaspersky on the IE 0day

    Home » Forums » Newsletter and Homepage topics » Details from Kaspersky on the IE 0day

    Tags:

    Author
    Topic
    woody
    Manager
    August 12, 2020 at 11:39 am #2288183

    Boris Larin at Kaspersky has published details on one of the two “OMG! It’s a ZERO-DAY!” security holes plugged yesterday, CVE-2020-1380 – “Scripting
    [See the full post at: Details from Kaspersky on the IE 0day]

    2 users thanked author for this post.
    CAS, Elly
    Reply | Quote
    Viewing 1 reply thread
    Author
    Replies
    • CAS
      AskWoody Plus
      August 13, 2020 at 11:00 am #2288371

      Woody, candidly I lack the technical knowledge to understand the Kaspersky article.  I don’t know if I have a problem or not. I’m hoping that you might be able to give me some guidance.

      I am forced to use IE 11, indirectly, because I am a long time user of Quicken. When Quicken downloads my transactions it does so using IE to connect to my financial institutions. I never use IE as a browser. My default browser is Firefox ESR but Quicken will not work with Firefox. As an aside, Quicken has issues with Edge, too.

      I do not have a MS account, and connect to the internet using a local account. My patching is current through July 2020. My version of Win 10 is 1909 OS build 18363.959.

      CAS

      Reply | Quote
    • Paul T
      AskWoody MVP
      August 14, 2020 at 2:16 am #2288503

      To exploit the vulnerability you need to visit a malicious web site with IE11.
      If your only use of IE11 is for Quicken to connect to your financial institution, there is very little chance that you will visit a malicious site.

      If you are really concerned you could do several things.

      1. Don’t download transactions in Quicken until Windows is patched.
      2. Backup before using Quicken and AV scan after use.
      3. Backup your machine and install the patch manually.

      cheers, Paul

      1 user thanked author for this post.
      CAS
      Reply | Quote
      • CAS
        AskWoody Plus
        August 14, 2020 at 10:59 am #2288595

        Thank you for your reply, Paul. I’m going to backup my computer and then install the two IE patches, manually. (Better safe than sorry.) I’ll cross my fingers and hope the patches don’t cause chaos with my computer.

        Stay safe.

        CAS

         

        Reply | Quote
      • CAS
        AskWoody Plus
        August 15, 2020 at 12:08 pm #2288825

        After giving your options another look I decided to do nothing, Paul. Given my circumstances, this is a perfect case for the application of Occam’s Razor.

         

        CAS

        1 user thanked author for this post.
        Paul T
        Reply | Quote
    Viewing 1 reply thread
    Reply To: Details from Kaspersky on the IE 0day

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.