Items tagged with Zero-Day

Heads up: Microsoft has issued a patch for what security researchers had dubbed a "highly sophisticated" zero-day vulnerability in Windows that hackers could use to target Office 365 and Office 2019 users. It is available as a standalone release and also as part of this month's cumulative Patch Tuesday update, which rolled out to PCs yesterday. Tracked as CVE-2021-40444, the zero-day flaw is described as a Microsoft MSHTML remote code execution vulnerability. Prior to releasing the patch, Microsoft said it was aware of targeted attacks against potential victims by way of specially crafted Microsoft Office documents. "An attacker could craft a malicious ActiveX control to be used by a Microsoft...
Have you updated your Chrome browser lately? Assuming you use Chrome, now would be a good time to force the issue, as the latest update brings with it patches for nearly a dozen security flaws, including a pair of zero-day vulnerabilities that Google says are actively being exploited in the wild. So, yeah, take two seconds to update your browser. The latest Chrome release for Windows, Mac, and Linux is 93.0.4577.82. Chrome does a good job of updating itself, and in this case, Google says the latest version will roll out to PCs over the coming days and weeks. You don't necessarily have to wait, however; you can have Chrome fetch the update manually right now. To do that, click...
Security researchers say they discovered and reported to Microsoft a "highly sophisticated" zero-day attack vector in Windows that targets Office 365 and Office 2019 users. In some cases, simply opening an infected document would be enough to compromise a PC. Furthermore, no patch exists yet, though one is on the way. In a Twitter post, cybersecurity outfit EXPMON said it notified Microsoft of the flaw on Sunday and has been "working tirelessly over the holiday weekend to protect users." EXPMON also said it was able to reproduce the attack method in a typical user environment. Microsoft released a security bulletin (CVE-2021-40444) saying it is investigating the situation, and...
Companies like Microsoft and others are potentially getting more time to fix zero-day vulnerabilities before Google's Project Zero team discloses them to the public, as part of a new policy change for 2021. At the same time, end users can potentially expect zero-day security patches to arrive more quickly and be more thorough. How so? On the surface, giving companies additional time to stomp out bugs seems counterintuitive to users receiving more timely patches for newly discovered vulnerabilities. And perhaps it will work out that way. Even so, the new "90+30" trial, as Project Zero calls the policy change, looks like a win-win for all involved. Under last year's policy, Project Zero held...
With everyone using Zoom for both work and school, a vulnerability in the software can be especially concerning. This week, researchers competing in a zero-day hunting competition found a bug in Zoom that allowed them to remotely execute code without any action by the target. This find netted the researchers a sum of cash and the concern of Zoom customers everywhere. Pwn2Own is a zero-day hunting contest organized by the Zero Day Initiative, which brings white hat hackers together to make software better by finding vulnerabilities. The multi-day event uncovered many issues in software, but the most interesting one, and the one with the greatest potential impact, is the Zoom bug. We're still confirming...
Google has released a new version of Google Chrome today after tackling two more high-profile zero-day exploits. Over the last several weeks, Google has found multiple attack vectors and has been squashing them at a rapid pace, so this is just a couple more on the pile. Users are advised to upgrade Chrome ASAP, as the risk for these exploits is ranked “High” by Google. At the end of October, Google took care of several exploits that came up through Project Zero. The newly discovered exploits make it seem like Google Chrome is Swiss cheese with all the security holes, but at the very least they are being patched. The first vulnerability, given the designation CVE-2020-16013,...
Sophos has published an emergency security update to patch a zero-day vulnerability in its XG enterprise firewall product. The patch plugs a hole that was being abused in the wild by hackers. Sophos says that it learned of the zero-day exploit on Wednesday of last week, after receiving a report from one of its customers. The customer reported that it had seen "a suspicious field value visible in the management interface." After investigation, Sophos determined that it was an active attack on both physical and virtual XG Firewall systems, and not a misconfiguration in its product. The hackers were abusing an SQL injection bug in its database to steal passwords. Sophos says that the attack...
Earlier this week, it was reported that a zero-day exploit had been circulating in the wild that targets the iOS Mail app. First discovered by the researchers at ZecOps, the vulnerability has been labeled "zero-click" because it allegedly needs no intervention from the user to attack an iPhone or iPad running even the most recent versions of iOS 13. A total of two vulnerabilities were found by ZecOps, which included the possibility of remote code execution. Now Apple is responding, and it is trying to throw some cold water on the severity of these exploits. The company released the following statement to news organizations on Friday: Apple takes all reports of security threats seriously....
If you're an Apple iPhone or iPad owner who uses the native Mail app (and that probably includes a majority of iOS users), we have a word of caution for you. The folks over at ZecOps have uncovered a vulnerability in the app that is currently being exploited in the wild, pending a fix from Apple. According to a blog post that ZecOps researchers published today, the vulnerability is "widely exploited" and has primarily targeted "VIPs, executive management across multiple industries, individuals from Fortune 2000 companies" around the globe. The exploit requires absolutely no user intervention in iOS 13, and can be carried out by an email sent to a target while the Mail app is simply running...
It is big news when a major vulnerability is discovered and exploited in Windows, because there is the potential to do a lot of harm. We saw this when WannaCry crippled UK hospitals for a short time (fortunately, it was mitigated rather quickly). Now, you may not have heard of VxWorks, a real-time operating system (RTOS), but a series of recently discovered security flaws in it is no less concerning. Wind River (acquired by Intel in 2006 and sold to TPG in 2018) describes VxWorks as "the most widely used operating system you may never have heard about." That is probably accurate for the average person. While not as widely known as Windows or macOS, VxWorks is installed on more than 2 billion embedded...
SandboxEscaper is at it again, releasing another zero-day exploit into the wild without giving Microsoft a heads up before publication. If you recall, SandboxEscaper doesn't think too highly of Microsoft and has published other zero-day vulnerabilities affecting the company's software dating back to the summer of 2018. The latest exploit leverages local privilege escalation (LPE) to compromise the Windows 10 task scheduler. SandboxEscaper used a similar method to exploit the task scheduler back in August. According to the description of the vulnerability posted to GitHub, a malicious .job file targeting the task scheduler is the springboard for this latest attack. We...
Although Microsoft is hoping for a big browser comeback with the Chromium-based version of the Microsoft Edge browser, there’s another browser in the company’s repertoire that many people have already forgotten about. Of course, we’re talking about the “undead” Internet Explorer. Internet Explorer has a long history of poor security (which was one of the reasons for its dwindling popularity), and now a new exploit that takes advantage of the browser has been brought to light. John Page, a security researcher, has discovered an XML eXternal Entity (XXE) vulnerability that takes advantage of MHT files. The main issue is that by default, Windows-based...
Microsoft has released an emergency patch to fix a critical vulnerability discovered in Internet Explorer. If left unpatched, an attacker could exploit the security hole to remotely execute malicious code on a victim's PC when the victim visits a compromised website. Listed as CVE-2018-8653, the flaw affects all supported versions of Windows. "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current...
It's been a rough October for Microsoft and its Windows 10 operating system. Now, to add insult to injury, another zero-day flaw has been published via Twitter. SandboxEscaper, who also published a zero-day Windows vulnerability via the social media platform back in late August, disclosed this latest exploit. The security researcher published a proof-of-concept on GitHub that demonstrates how it can affect a target system. In practice, this new flaw is similar to the one disclosed back in late August and exploits a Windows feature called impersonation to improperly gain access to elevated privileges. https://t.co/1Of8EsOW8z Here's a low quality bug that is a pain to exploit.....
A former security researcher decided to go out with a bang after apparently choosing to retire from the security game and blog about traveling instead. Known on Twitter as SandboxEscaper, the researcher revealed in a tweet a zero-day vulnerability affecting Windows rather than submitting a bug report to Microsoft. The former security researcher also posted a link to a proof-of-concept on GitHub, in case anyone thought the vulnerability was not real. It is, and Microsoft is working on a fix. Here is the alpc bug as 0day: https://t.co/m1T3wDSvPX I don't fucking care about life anymore. Neither do I ever again want to submit to MSFT anyway. Fuck all of this shit. — SandboxEscaper (@SandboxEscaper)...
A vulnerability researcher at Google is giving props to Microsoft for issuing a quick fix to what he described as a "crazy bad" remote code exploit in the company's malware protection engine. He also said it was the worst of its kind in recent memory, because prior to the patch, a remote attacker could gain full control of a PC simply by sending a malicious email. The recipient needn't even open the message for this nasty zero-day bug to work. "The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code...
As always, be wary of opening email attachments, especially from untrusted sources. Security outfits FireEye and McAfee have both observed malicious Microsoft Office RTF documents in the wild that are exploiting a zero-day vulnerability in Microsoft Windows and Office that has not yet been patched. The samples observed are RTF files carrying the .doc extension, so they appear to be Word files. The vulnerability allows an attacker to execute a malicious Visual Basic script when the user opens the document containing the embedded exploit. FireEye says it has seen several Office documents exploiting this particular vulnerability that download and execute malware payloads from different well-known...
When WikiLeaks revealed the Central Intelligence Agency’s (CIA’s) hacking arsenal to the world, it was made clear that the agency is capable of snooping on Samsung Smart TVs thanks to various security exploits. However, it’s not just Samsung Smart TVs that are susceptible: a new report suggests that a number of Samsung devices running the Tizen OS are at risk due to unpatched exploits. Tizen is Samsung’s homegrown operating system that can be found on its low-end smartphones, smartwatches and of course smart TVs. Like Android, it’s based on the Linux kernel. However, unlike Android, it isn’t nearly as popular, so perhaps Samsung has been reluctant to fix vulnerabilities that plague the operating...
Newer versions of Windows, including Windows 10, are vulnerable right now to a new Server Message Block (SMB) zero-day exploit that has been shown as a proof-of-concept. The vulnerability was first demonstrated by @PythonResponder and requires a user to connect to an SMBv3 server for a successful attack. Given the severity of the exploit, the U.S. Computer Emergency Readiness Team (US-CERT) has already published an emergency advisory, officially labeling it VU#867968. US-CERT describes the memory corruption vulnerability in detail, noting: Microsoft Windows fails to properly handle traffic from a malicious server. In particular, Windows fails to properly handle a server response that...
Microsoft has often said that Windows 10 offers the best security features and malware protection of any Windows OS to date. In case anyone doubts that claim, the Redmond outfit explained how Windows 10 with the Anniversary Update installed was able to thwart a pair of potentially dangerous zero-day exploits months before it had released a patch that dealt with them directly. The Anniversary Update that rolled out in August introduced a bunch of security upgrades to Windows 10, including improvements to Windows Defender. Many of the upgrades are intended to help Windows 10 identify and neutralize zero-day threats. That is no easy task, considering that new ones come out all the time, but recent...
Once again Google and Microsoft are at odds over the former's decision to disclose a zero-day vulnerability affecting the latter's Windows operating system. Google alerted both Adobe and Microsoft on October 21, 2016, of security flaws it discovered, and in the time that has passed Adobe has issued a patch (CVE-2016-7855) and Microsoft has not. Google's policy on zero-day and other critical vulnerabilities it believes are being actively exploited in the wild is to give software makers seven days to issue a patch or advisory. Once that time period elapses, Google discloses the security flaw to the public. In this case, Google waited 10 days before disclosing the vulnerability on Halloween....
Adobe recently published security advisory APSA16-03, which details a vulnerability in Adobe Flash Player version 21.0.0.242 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. This comes after a patch for a zero-day exploit was released in early April. Adobe believes the attackers are a group called “ScarCruft”. ScarCruft is a relatively new APT group that has launched attacks in countries such as Russia, Nepal, South Korea, China, India, Kuwait, and Romania. The group has recently taken advantage of two Adobe Flash exploits and one Microsoft Internet Explorer exploit. ScarCruft currently has two operations, called Operation Daybreak and Operation Erebus. Operation Daybreak...