WMF Exploits Sold By Russian Hackers
The
Windows Metafile (WMF) bug that caused users -- and Microsoft -- so much grief in December and January spread like it did because Russian hackers sold an exploit to anyone who had the cash, a security researcher said Friday.
microsoft -
comments -
4.2.2006 Microsoft tests fix for IE bug as exploits appear
A recently identified Internet Explorer security hole is now being exploited and Microsoft hopes to include a fix for it in its April 11 patch or maybe even earlier, according to a posting on a Microsoft blog. So far, attacks are limited in scope, Stephen Toulouse, head of Microsoft's Security Response Center, wrote on the center's blog on Saturday.
microsoft -
comments -
28.9.2006 Exploits Hot on the Heels of Microsoft's Patches
Exploit code for two of Tuesday's patches have been posted to mailing lists by researchers. Exploits appeared within hours for two of the bugs that Microsoft Corp. fixed Tuesday.
microsoft -
comments -
14.6.2007 Review: Vista, XP Users Equally At Peril To Viruses,Exploits
Thanks to pacpis for this article. After a week of extensive testing, the CRN Test Center found that users of Windows Vista and Windows XP are equally at risk to viruses and exploits and that overall Vista brings only marginal security advantages over XP.
windows -
comments -
30.5.2007Exploit Code Surfaces for Two
MS Flaws
Security companies warned of
two new exploits released for
vulnerabilities that were
patched by Microsoft earlier
this month. The code exploits
issues in Windows DHCP and the
"mailslot"
application...
betanews.com -
26.07.2006Microsoft releases activation exploit detection update
Microsoft has released an update for Windows Vista designed to detect activation exploits that bypass product activation and that interfere with usual
Windows operation. This update is tagged as KB940510.
According to Microsoft "when the update is installed, no functionality of your
operating system will be affected. If no exploits are detected, the update silently exits. If exploits are detected, you will be provided a link to a
Web site that describes how you can remove the exploits. When the exploits are removed, you may be asked to use a valid product key to activate your
copy of Windows. If you do not want to remove the exploits, Windows may disable the exploits and then ask you to use a valid product key to activate
Windows."
neowin.net -
27.02.2008Microsoft to issue out-of-cycle patch for the 'unknown exploit'
We're not even really sure if the reports of new exploits affecting Internet Explorer browsers are actually valid, but in case they are, Microsoft
will issue a patch that addresses the problem those exploits may be targeting...
betanews.com -
17.12.2008Review: Vista, XP Users Equally At Peril To Viruses, Exploits
After a week of
extensive testing, the CRN
Test Center found that users
of Windows Vista and Windows
XP are equally at risk to
viruses and exploits and that
overall Vista brings only
marginal security advantages
over XP.
One of Microsoft's big
promises with Vista was a more
secure operating system. But
when stripped to the bare
bones and thrown into the
wild, wild Web, Vista's
security failed to impress
Test Center engineers.
Vista remains riddled with
holes, despite its multilayer
security architecture and
embedded security tools.
Besides providing no
improvement in virus
protection vs. XP, Vista
brings little or no security
gains over its predecessor
against such threats as RDS
exploits, script exploits,
image exploits, VML exploits,
malformed Web pages and known
malicious URLs, the Test
Center found.
winbeta.org -
30.05.2007Installing Branded IE7 on Windows XP SP3
Jane Maliouta: Last week, I blogged about installing Windows XP SP3 and how it affects different versions of Internet Explorer (See my earlier blog
post
here). Today I will be discussing installing branded/custom
versions of IE7 on machines with Windows XP SP3 installed. This post is primarily aimed towards folks who use the
Internet Explorer
Administration Kit 7 (IEAK7) to create custom IE7 packages, like Internet Service Providers (ISPs) and web developers. If you ever installed the
IEAK7, built a custom version of IE7 or distributed a version of IE7 to others, this post is for you.
winbeta.org -
13.05.2008HD Moore takes iPhone exploits public
Noted hacker HD Moore has posted exploits for a vulnerability in Apples iPhone, the same flaw thats been used by others to unlock the smart phone so
it will work on other networks. The vulnerability, which is in the TIFF image-rendering library shared by the iPhones Safari browser and its e-mail
program, as well as by the iTunes software, leaves the iPhone wide open to attack, said Moore, who posted a second, and more robust, exploit today
after debuting attack code yesterday. " This exploit is rock solid. Its very reliable, as reliable as the WMF
exploits in
Windows. You can send it in an e-mail, you can embedded it in a Web page. The second exploit works on 1.0, 1.0.1, 1.0.2 and 1.1.1 iPhones ,"
said Moore.
Read full story.....
neowin.net - 17.10.2007
Exploits hot on the heels of Microsoft's patches
Exploits appeared
within hours for two of the
bugs that Microsoft Corp.
fixed yesterday.
Microsoft's June set of
security updates patched 15
separate vulnerabilities, nine
of them labeled "critical,"
the company's most serious
threat rating. Exploit code
for two of the bugs -- one in
Internet Explorer (IE), the
other in Windows XP, Windows
2000 and Windows Server 2003
-- have been posted to the
Bugtraq and Full-disclosure
mailing lists by researchers.
A. Micalizzi went
public with a pair of exploits
-- one successful against
Windows 2000, the other
against Windows XP -- that
leverage one of the six IE
bugs patched yesterday. A bug
-- actually two because both
the ActiveListen and
ActiveVoice ActiveX controls
are flawed -- was tagged
"critical" in IE6 on Windows
2000 and Windows XP SP2, and
"critical" in IE7 on both XP
SP2 and Windows Vista.
ActiveListen and ActiveVoice
provide speech processing and
text-to-speech to the browser.
..
winbeta.org - 14.06.2007
Rare Mac Trojan exploits Apple vulnerability
A rare Mac OS X Trojan has been spotted on the internet. The AppleScript-THT Trojan horse exploits a vulnerability within the Apple Remote Desktop
Agent to load itself with root privileges onto compromised Mac machines. The malware, which is capable of infecting Mac OS X 10.4 and 10.5 boxes,
surrenders control of compromised systems to hackers.
Keystroke logging on compromised systems, taking pictures (using the built-in Apple
iSight camera) or capturing screenshots are among the hacker exploits enabled by the malware, Mac security outfit SecureMac reports. The malware
weaves its malicious spell while attempting to remain undetected by opening ports in the firewall and turning off system logging.
neowin.net - 23.06.2008
One Hacker Kit Accounts For 71% Of Attacks
According to Atlanta,
Gerogia-based Exploit
Prevention Labs, a
multi-exploit hack pack was
behind 70.9% of all Web-based
attacks throughout December
2006. The kit includes up to a
dozen different exploits,
including several derived from
the proof-of-concept code
published in July 2006 by HD
Moore as a part of the "Month
of Browser Bugs" project. The
package's heavy encryption
prevents the determination of
the exact number of exploits
within, according to Exploit
Prevention's CEO, Roger
Thompson.
" The
dominance of this package
reinforces the fact that the
development and release of
exploits frequently parallels
legitimate software
businesses. The bad guys are
working hard to update and
release tweaks to existing
exploits at least in part
because developing a new
exploit is a complex
development task ," said
Thompson.
neowin.net - 24.01.2007
Microsoft to release update to detect Vista activation exploits
Alex Kochis: <...> Later this month Microsoft will release an update to Windows Vista through Windows Update that will enable Gold and SP1-installed
systems to detect the presence of the Grace Timer and OEM BIOS exploits then alert the customer of their presence. The dialog box (shown below) also
provides customers with guidance about what they can do to fix it and provides a Web link for more details, so that customers can learn about the
particular exploit and learn how to disable and remove it. If they are a victim of software piracy, the linked Web pages will provide information on
how to get genuine software.
winbeta.org - 22.02.2008
Dasher Worm Attacks Windows
Patch available, but separate
IE exploits target browser
vulnerabilities...
pcworld.com - 16.12.2005
Shrinking patch windows hit by automated attacks
The length of time between the development of security patches and the development of exploits targeting the security holes they address has been
dropping for some time. Hackers exploit this period of time - the so-called patch window - to launch attacks against unpatched machines. Typically,
exploits are developed by skilled hackers versed in the arcane intricacies of reverse engineering.
However, hackers have now begun using
off-the-shelf tools to at least partially automate this process, a development that might lead to exploits coming out hours instead of days after the
publication of patches.
neowin.net - 21.04.2008
Phishers Bite Back with Malware Exploits Linked to Keywords
The minds behind the Asprox botnet are retaliating against visitors to their phishing page who put profanity or other flagged keywords into the
phishers' phony log-in form instead of legitimate data. The phishing page contains logic that recognizes words like "phish" and retaliates with
exploits targeting vulnerabilities in Microsoft Windows, according to a security researcher. Criticize the people behind the Asprox botnet, and they
take it personal—so much so that they will bombard you with malware, according to a report by SecureWorks.
The botnet, now at least
50,000-strong with bots, is sending out phishing emails posing as messages from banks in the U.S. and U.K. The links inside the email lead to a page
with a phishing form that reacts to both incomplete forms and forms containing certain keywords, including profanity or the word "phish." If users
who filled out the form improperly click on the “confirm” button, their computers are assaulted with malware in retaliation.
neowin.net - 26.08.2008
Hackers Publish Two Windows
Exploits
Microsoft has posted fixes for
both flaws, but an IE bug
remains unpatched...
pcworld.com - 02.12.2005
Mozilla Patches Firefox Flaw
Workaround will prevent
exploits that allow remote
control of users' systems
through browser bug...
pcworld.com - 12.09.2005
Symantec to block exploits in IE
Security vendor Symantec has
launched a project aimed at
plugging holes in Microsoft's
Internet Explorer (IE).
Project 'Canary' will
run alongside IE "looking for
attempts to exploit the
browser", according to Adam
Bromwich, senior manager for
the development of advanced
concepts at Symantec.
Instead of patching
vulnerabilities in the
browser, Canary will block
code that tries to exploit
those vulnerabilities.
Symantec plans to ship a
consumer product this spring
(autumn in the northern
hemisphere), and a business
product "soon". The product
will be extended to Firefox
and Safari in the future,
Bromwich said.
winbeta.org - 25.06.2007
Site Hopes to Become eBay of Vulnerabilities
A new auction site is making a
business out of selling
security exploits, saying the
current methods of rewarding
researchers for their work is
broken...
betanews.com - 07.07.2007
Trojan Exploits Obama Presidential Win
President-elect Barack Obama is already targeted as the subject of a malicious malware campaign designed to steal information from infected computers.
Following Obama's presidential victory Tuesday, malware authors were quick to create a Trojan exploiting the high volumes of Web traffic
surrounding Obama, security experts said.
And so far, researchers say that spam capitalizing on Obama's victory has experienced a sharp
upward spike, comprising about 60 percent of all spam messages in what has become a globalized attack. "The hackers are taking advantage of
Obama-mania," said Graham Cluley, senior technology consultant for SophosLabs. "So many people have been excited or interested in (the election),
that they might be susceptible to it."
Read
full story.....
neowin.net - 06.11.2008
Two New IE Flaws Discovered
Security researchers
discovered two new flaws in
Internet Explorer earlier this
week. While proof of concept
code is available for both,
there are no known exploits of
either flaw. Microsoft is
investigating the issue...
betanews.com - 30.06.2006
Attack PDF prowls for unpatched Adobe Reader, Acrobat
A malicious PDF document that exploits bugs in Adobe Systems Inc.'s Reader and Acrobat software is on the loose, Symantec Corp. said today, just
hours after Adobe patched the programs.
"This mass mailing of exploit files may be an attempt to leverage the exposure window
between patch release and widespread adoption of the fix," said Symantec in a warning to customers of its DeepSight threat intelligence network.
The rogue PDF document is attached to spammed e-mail, and arrives with a filename such as YOUR_BILL.pdf or INVOICE.pdf, said
Symantec. It exploits the "mailto:" protocol vulnerability disclosed more than a month ago by U.K.-based researcher Petko Petkov.
winbeta.org - 24.10.2007
