32 matches found
EUVD-2018-8031
Malware in sbrugna...
Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" Table
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML
!-- Windows: Windows: IE11 VBScript execution policy bypass in MSHTML Platform: Windows 10 1809 not tested earlier Class: Security Feature Bypass Summary: MSHTML only checks for the CLSID associated with VBScript when blocking in the Internet Zone, but doesn’t check other VBScript CLSIDs which...
Design/Logic Flaw
Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-16177
Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-16177
The CVE-2018-16177 issue affects the Windows 10 Fall Creators Update: Modify module for Security Measures tool, where the installer may load an attacker-controlled DLL due to a insecure DLL search path (CWE-427). This can allow arbitrary code execution with the privileges of the user invoking the...
Windows 10 Fall Creators Update Modify module for Security Measures tool installer code execution vulnerability
Windows 10 Fall Creators Update Modify module for Security Measures tool is a Windows 10 Fall Creators security tool. installer is its installer. A code execution vulnerability exists in the installer in the Windows 10 Fall Creators Update Modify module for Security Measures tool, which can be...
The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries
Overview The installer of Windows10 Fall Creators Update Modify module for Security Measures tool provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Tomohisa Hasegawa of Canon...
JVN#15709478: The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries
The installer of Windows10 Fall Creators Update Modify module for Security Measures tool provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be execut...
Bypassing Mitigations by Attacking JIT Server in Microsoft Edge
Posted by Ivan Fratric, Project Zero With Windows 10 Creators Update, Microsoft introduced a new security mitigation in Microsoft Edge: Arbitrary Code Guard ACG. When ACG is applied to a Microsoft Edge Content Process, it makes it impossible to allocate new executable memory within a process or...
Windows 10 'S Mode' Coming Soon — For Security and Performance
Microsoft has confirmed that the company is planning to convert Windows 10 S from a dedicated operating system to a special "S Mode" that will be available in all versions of Windows. Windows 10 S, a new operating system designed for simplicity, security, and speed, was released by Microsoft last...
Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’
Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run...
Microsoft Windows 10 Creators Update version 1703 - Kernel Local Privilege Escalation Exploit
Microsoft Windows 10 Creators Update version 1703 x86 - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation / EDB Note Source https://gist.github.com/xpn/736daa4d1ff7b9869f4b3d1e9a34d315/ff2e2465d4a07588d0148dc87e77b17b41ef9d1d Source...
Microsoft Windows 10 (Build 1703 Creators Update) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
/ EDB Note Source https://gist.github.com/xpn/736daa4d1ff7b9869f4b3d1e9a34d315/ff2e2465d4a07588d0148dc87e77b17b41ef9d1d Source https://blog.xpnsec.com/windows-warbird-privesc/ Source https://github.com/xpn/warbirdexploit Ref https://bugs.chromium.org/p/project-zero/issues/detail?id=1391 / //...
Detecting reflective DLL loading with Windows Defender ATP
Today's attacks put emphasis on leaving little, if any, forensic evidence to maintain stealth and achieve persistence. Attackers use methods that allow exploits to stay resident within an exploited process or migrate to a long-lived process without ever creating or relying on a file on disk. In...
Microsoft Windows 10 Creators Update 32-bit Ring-0 Code Execution Exploit
Microsoft Windows 10 Creators Update suffers from a 32-bit execution of ring-0 code from NULL page via NtQuerySystemInformation class 185, Warbird functionality. Windows 10 Creators Update 32-bit execution of ring-0 code from NULL page via NtQuerySystemInformation class 185, Warbird functionality...
Move away from passwords, deploy Windows Hello. Today!
Something we understood from the very beginning with Windows Hello for Business is our customers would approach Windows 10 in a series of phases. The first phase is to simply deploy the platform itself. From there, additional phases would follow to take advantage of optional Windows 10 technologi...
Microsoft Windows 10 RS2 (x64) - win32kfull!bFill Pool Overflow
Microsoft Windows 10 RS2 x64 - win32kfull!bFill Pool Overflow Sources: https://siberas.de/blog/2017/10/05/exploitationcasestudywildpooloverflowCVE-2016-3309reloaded.html https://github.com/siberas/CVE-2016-3309Reloaded Exploits for the recently-patched win32kfull!bFill vulnerability. Executing th...
Moving Beyond EMET II – Windows Defender Exploit Guard
Since we last wrote about the future of EMET and how it relates to Windows 10 back in November 2016 see Moving Beyond EMET, we have received lots of invaluable feedback from EMET customers and enthusiasts regarding the upcoming EMET end of life. Based on that feedback, we are excited to share...
Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware
For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage. In a recent report, the Federal Trade Commission FTC said that cybercriminals will use hacked...