The team at Enki have discovered a vulnerability in Internet Explorer that has been used in campaigns targeting security researchers the browsers render process to execute malicious code and exfiltrate data from the victim machine. It should be noted that this vulnerability stops in the low integrity sandbox and in order to gain persistence on the machine another exploit must be chained to this attack. What is striking about this initial attack vector is the ease at which it executes. If unsuccessful with the more obvious approach where a user would need to check a popup box approving activity, the exploit can be deployed instantly from a malicious ad
d hosted on a benign website. Phishing email ’s redirect unsuspecting users are all too common and successful.