553 matches found
New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!
Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update it immediately to the latest version Google released earlier today. The internet services company has rolled out an urgent update to the browser to address 14 newly discovered...
CVE-2021-26419
Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...
Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
Summary: Updated Recommendations Section 04/04/2018 Today a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’...
Exploit for Use After Free in Google Android
CVE-2019-2215 CVE-2019-2215 POC for kernel 3.18 Based on Madd...
Citrix ADC (NetScaler) Directory Traversal RCE
This module exploits a directory traversal in Citrix Application Delivery Controller ADC, aka NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload. Module Options msf use exploit/freebsd/http/citrixdirtraversalrce msf exploitcitrixdirtraversalrce show...
Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
Google Project Zero will now give organizations a 30-day grace period to patch zero-day flaws it discovers in a new disclosure policy revealed this week aimed at speeding up the time it takes for patches to be adopted. Known for discovering a number of high-profile zero days—in Google’s own...
Policy and Disclosure: 2021 Edition
Posted by Tim Willis, Project Zero At Project Zero, we spend a lot of time discussing and evaluating vulnerability disclosure policies and their consequences for users, vendors, fellow security researchers, and software security norms of the broader industry. We aim to be a vulnerability research...
Google’s Project Zero Finds a Nation-State Zero-Day Operation
Googles Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by "Western government operatives actively conducting a counterterrorism operation": The exploits, which went back to early 202...
In-the-Wild Series: October 2020 0-day discovery
Posted by Maddie Stone, Project Zero In October 2020, Google Project Zero discovered seven 0-day exploits being actively used in-the-wild. These exploits were delivered via "watering hole" attacks in a handful of websites pointing to two exploit servers that hosted exploit chains for Android,...
F5 Big IP TMM uri_normalize_host Information Disclosure / Out-Of-Bounds Write Vulnerability
Big IP's Traffic Management Microkernels TMM URI normalization incorrectly handles invalid IPv6 hostnames allowing for information disclosure and an out-of-bounds write condition. F5 Big IP - TMM urinormalizehost infoleak and out-of-bounds write Big IP's Traffic Management Microkernels TMM URI...
F5 Big IP TMM uri_normalize_host Information Disclosure / Out-Of-Bounds Write
F5 Big IP - TMM urinormalizehost infoleak and out-of-bounds write Big IP's Traffic Management Microkernels TMM URI normalization incorrectly handles invalid IPv6 hostnames: When urinormalizehost is called with a hostname of the form \u"abcdef\u", urinorminet6 is called with the substring abcdef a...
On Vulnerability-Adjacent Vulnerabilities
At the virtual Enigma Conference, Googles Project Zeros Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak their exploits to work again. From a MIT Technology Review article: Soon after they...
Google Discloses Severe Bug in Libgcrypt Encryption Library—Impacting Many Projects
A "severe" vulnerability in GNU Privacy Guard GnuPG's Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution. The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis...
Google uncovers new iOS security feature Apple quietly added after zero-day attacks
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor," the improved sandbox system for iMessage data was...
Google uncovers new iOS security feature Apple quietly added after zero-day attacks
Google Project Zero on Thursday disclosed details of a new security mechanism that Apple quietly added to iOS 14 as a countermeasure to prevent attacks that were recently found to leverage zero-days in its messaging app. Dubbed "BlastDoor ," the improved sandbox system for iMessage data was...
Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
Google Project Zero researcher Natalie Silvanovich outlined what she believes is a common theme when it comes to serious vulnerabilities impacting leading chat platforms. The research, published Tuesday, identifies a common denominator within chat platforms, called “calling state machine”, which...
Sophisticated Watering Hole Attack
Googles Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers both companies have since patched t...
Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incomi...
Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incomi...
Introducing the In-the-Wild Series
This is part 1 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, head to the bottom of this post. At Project Zero we often refer to our goal simply as “make 0-day hard”. Members of the team approach this...