Showing posts with label Zero-Day. Show all posts
Showing posts with label Zero-Day. Show all posts

Monday, April 28, 2014

[fireeye] New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11 Identified in Targeted Attacks

Summary
FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks.  The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11.  This zero-day bypasses both ASLR and DEP. Microsoft has assigned CVE-2014-1776 to the vulnerability and released security advisory to track this issue.
Read more »
Posted by at No comments:
Labels: ,

Tuesday, March 25, 2014

[securityaffairs] Another zero-day vulnerability is threatening the Microsoft world

Microsoft issued a security advisory for the presence of a zero-day vulnerability in Microsoft Word products which allows a remote code execution.

Read more »
Posted by at No comments:
Labels: ,

Thursday, February 13, 2014

[fireeye] New IE Zero-Day Found in Watering Hole Attack

FireEye Labs has identified a new Internet Explorer (IE) zero-day exploit hosted on a breached website based in the U.S. It’s a brand new zero-day that targets IE 10 users visiting the compromised website–a classic drive-by download attack. Upon successful exploitation, this zero-day attack will download a XOR encoded payload from a remote server, decode and execute it.
This post was intended to serve as a warning to the general public. We are collaborating with the Microsoft Security team on research activities. We will continue to update this blog as new information about this threat is found.
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)