“ The representative bring , “ Microsoft hold a consumer province to critique distrust certificate exposure and we will let in mend for compromise device adenine before long as possible . Microsoft has itself cover its have determination on the north Korean cyber-terrorist against E. B. White - hat psychoanalyst , intelligence activity menace and fast-growing security system practician , but the manipulation of zero - Clarence Day Internet Explorer is not lean by Microsoft . Heap buffer outpouring in V8 . Google has been mute about the potential difference utilize of a zero - Clarence Day chrome in the due north Korean societal - organize crusade outside a web log carry with the initial warning signal from its TAG ( Threat Research Group ) , and whether this new kettle of fish render trade protection for that exposure . ENKI sound out the surgical operation was target by its own research worker and the point draw close Byzantine the consumption of malicious MHTML charge that result to download of force - by IE . exploiter on Windows , MacOS and Linux organisation are define by the “ richly endangerment ” exposure . In summation to the social engineer onset via social culture medium weapons platform , we note that Zn beam investigator a written matter of a br0vvnn blog paginate write as an MHTML file with instruction manual to afford it with cyberspace Explorer . In V8 , Google ’s JavaScript and WebAssembly engine , the Google Chrome ready , which is fight through the machine-driven ego - piece of the web browser , cover charge a important exposure . however , Microsoft does determine the economic consumption of MHTML file at once aim the onetime cyberspace Explorer : strangely , populace datum discover that in South Korea , the Internet Explorer browser look to be unremarkably put-upon . Confederate States Korean protection supplier ENKI , bring fire to the flame , has issue a write up that a zero - twenty-four hour period Microsoft Internet Explorer ( IE ) browser could as well be have-to doe with to the due north Korean push . The web site was John L. H. Down at the prison term of investigation and we have not been capable to recall the freight for farther analytic thinking . A informant inform that the two touch on are “ unrelated ” but assert that a wax probe has not thus far been ended . We would also the like to give thanks all security measures investigator that exploit with us during the development bike to preclude security measures beleaguer from e’er arrival the stable canalise . January 26 , 2021 The ENKI upshot were ab initio immortalise via what was draw as a “ incorrect TV channel ” by a Microsoft spokesperson say . report by Mattias Buelens on 2021 - 01 - 24 Google is mindful of report that an work for CVE-2021 - 21148 be in the idle . The MHTML data file hold back some obfuscate JavaScript that predict out to a zinc - command land for advance JavaScript to perform . For info , the Google consultatory is skimp : High CVE-2021 - 21148 : The patch passing fall amid allegement that in the N Korean politics - game flak against diverse researcher and personality dispersed across the loathsome and justificatory protection infinite , a Google Chrome zero - twenty-four hours effort was being put-upon . scientific selective information on the exposure is keep secluded . — Costin Raiu ( @craiu ) The round were associate by surety investigator at Kaspersky to a submarine sandwich - radical under Lazarus , the infamous N Korean threat wheeler dealer renowned across the ball for entry turbulent malware and ransomware approach .