Microsoft Windows Multiple Vulnerabilities (KB4467691)

This host is missing a critical security update according to Microsoft KB4467691 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4467696)

This host is missing a critical security update according to Microsoft KB4467696 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft JScript Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. To exploit the vulnerability, an attacker would first have to access the local machine, and run a specially crafted application to create arbitrary COM objects. The update...

KLA11354 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An information...

Microsoft Windows JScript Security Feature CVE-2018-8417 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

Microsoft JScript Security Feature Bypass (CVE-2018-8417)

A security bypass vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on the affected system...

Injecting Code into Windows Protected Processes using COM - Part 1

Posted by James Forshaw, Google Project Zero At Recon Montreal 2018 I presented “Unknown Known DLLs and other Code Integrity Trust Violations” with Alex Ionescu. We described the implementation of Microsoft Windows’ Code Integrity mechanisms and how Microsoft implemented Protected Processes PP. A...

July 12, 2016 — KB3163912 (OS Build 10240.17024)

July 12, 2016 — KB3163912 OS Build 10240.17024 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Windows Explorer, and Windows Update. Fixed issue i...

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free

alert'start'; var vars = ; var r = new RegExp; forvar i=0; i20000; i++ varsi = "aaaaa"; r.lastIndex = "aaaaa"; for...

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free Exploit

Exploit for windows platform in category dos / poc alert'start'; var vars = ; var r = new RegExp; forvar i=0; i20000; i++...

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free alert'start'; var vars = ; var r = new RegExp; forvar i=0; i20000; i++ varsi =...

Multiple Cobalt Personality Disorder

Introduction Despite the notion that modern cybersecurity protocols have stopped email-based attacks, email continues to be one of the primary attack vectors for malicious actors — both for widespread and targeted operations. Recently, Cisco Talos has observed numerous email-based attacks that ar...

Researchers Warn of Microsoft Zero-Day RCE Bug

Researchers have discovered a medium-severity Windows vulnerability that enables remote attackers to execute arbitrary code – and Microsoft hasn’t issued a patch yet. The flaw, which was first discovered by Dmitri Kaslov of Telspace Systems, exists within the handling of error objects in JScript,...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 28, 2018

I ended up at an urgent care clinic earlier this week and found out I have strep throat. The doctor who examined me asked me what medicine I had taken prior to my visit to help alleviate my throat pain, to which I replied, “I took a multi-symptom liquid medicine because the pain was keeping me...

(0Day) Microsoft Windows JScript Error Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Vega Stealer Malware Takes Aim at Chrome, Firefox

A malware dubbed Vega Stealer has been uncovered, looking to make off with saved credentials and credit-card information in the Chrome and Firefox browsers. While it’s a simple payload for now, researchers said it has the ability to evolve into something more concerning in the future. Proofpoint,...

MS08-022: Vulnerability in the VBScript and JScript scripting engines could allow remote code execution

MS08-022: Vulnerability in the VBScript and JScript scripting engines could allow remote code execution INTRODUCTION Microsoft has released security bulletin MS08-022. The security bulletin contains all the relevant information about the security update. This information includes file manifest...

Microsoft Windows JScript defineProperty Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows JScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Microsoft Windows JScript String Manipulation Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code that...

Microsoft Windows JScript String Manipulation Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code that...