D
DelJo63
According to ZDnet.com:
In an advisory crediting Qihoo 360 Core Security researchers and Kaspersky Lab malware analysts for discovering a critical bug tagged as CVE-2018-8174, Microsoft details a remote code execution flaw residing not in Internet Explorer but the Windows VBScript engine. However, it also explains the bug can be exploited through Internet Explorer.
This is the first time we've seen a URL moniker used to load an IE exploit, and we believe this technique will be used heavily by malware authors in the future.
see Microsoft This is the first time we've seen a URL moniker used to load an IE exploit, and we believe this technique will be used heavily by malware authors in the future.