|
Current News |
|
Vulnerabilities & Exploits
|
Vulnerabilities & Exploits
|
-
Yes, There’s a Zero-Day Exploit for Internet Explorer Out There
A new and previously unknown vulnerability affecting the Microsoft Internet Explorer 7 browser has been reported, just at the start of the Microsoft “Patch Tuesday” cycle for the month of December. Bad luck, or an intentional strategy by the attackers?
-
Microsoft Patch Tuesday, December 2008
Hello and welcome to this month's blog on the Microsoft patch releases. As far as vulnerability counts go, this is the largest patch release since Microsoft started the "Patch Tuesday" program back in late 2003. The release contains eight bulletins covering 28 vulnerabilities.
-
Increase in Exploit Attempts Against MS08-067
Microsoft Security bulletin MS08-067 was an out-of-band security update that was released on October 23, 2008, to address a critical remotely exploitable vulnerability that was being exploited in the wild. The Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability that was addressed
-
Microsoft Patch Tuesday - November 2008
Hello and welcome to this month’s blog on the Microsoft patch releases. This is a light month, with two bulletins covering four vulnerabilities.
-
Acrobat util.printf() Exploit Detected with Existing IPS Signatures
It appears that last night, an exploit for the Acrobat util.printf() vulnerability was added to a well known Web attack toolkit. The attack exists as a compressed PDF. Once decompressed, the exploit is encoded with a simple eval()+concatenation block:
|
|
Current News