Flash, Reader, Firefox and IE All Fall On First Day of Pwn2Own
Four different research teams on Wednesday cracked four products–Adobe Flash, Reader, Mozilla Firefox, and Microsoft Internet Explorer—and collectively earned a payout of $317,000 on the first day of Pwn2Own 2015. The annual hacking contest, which kicked off Wednesday in Vancouver, runs...
Taming the wild copy: Parallel Thread Corruption
Posted by Chris Evans, Winner of the occasional race. Back in 2002, a very interesting vulnerability was found and fixed in the Apache web server. Relating to a bug in chunked encoding handling, the vulnerability caused a memcpy call with a negative length with the destination on the stack. Of...
Adobe Flash Player - PCRE Regex (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Adobe Flash Player PCRE Regex Vulnerability", 'Description' = %q This module exploits a vulnerability found in Adobe Flash Player. A...
Adobe fixes 11 high-risk Flash vulnerabilities, most found by the Google Project Zero team - vulnerability warning - the black bar safety net
Following Microsoft's bug fixes this week for the Stuxnet and FREAK vulnerabilities, Adobe has also released a massive patch update. The update fixes 11 high-risk vulnerabilities in Flash Player, most of which are remote arbitrary code execution vulnerabilities. Affected Softwar...
March 2015 Adobe Flash Player Security Update APSB15-05
Adobe this afternoon pushed out a Flash Player update patching 11 critical security vulnerabilities, most of which lead to remote code execution. None are being publicly exploited, Adobe said. Versions 16.0.0.305 and earlier of the Flash Player Desktop and Flash Player for Google Chrome are...
Adobe Flash Player PCRE Regex Vulnerability
This module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode. This module requires Metasploit:...
Internet Bug Bounty: Bad Write in TTF font parsing (win32k.sys)
This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One, so I am also opening a report here. The vulnerability reference numbers are MS15-010 and CVE-2015-0059. The original bug report is...
Google Project Zero Vulnerability Disclosure Grace Period
Google’s unwavering vulnerability disclosure deadlines are the latest chapter in a decades-long debate about how to best inform affected users that there’s a security problem with their software. Since the start of the year, Google’s 90-day clock has most notably ticked down to zero on a trio of...
Thunderstrike Patch Slated for Inclusion in New OS X Build
In addition to patching the three Project Zero vulnerabilities disclosed last week, Apple is apparently readying a fix for the Thunderstrike boot attack as well, something that will purportedly rid all Macs running Yosemite of the issue. All of the vulnerabilities have reportedly been fixed in...
Google reveals 3 Apple OS X Zero-day Vulnerabilities
After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform. The team has published three zero-day...
Google Project Zero Discloses Another Windows Zero Day
Two more unpatched Windows vulnerabilities on Thursday crossed into the public domain after the expiration of Google Project Zero’s self-imposed 90-day waiting period before disclosing bug details. Microsoft will patch only one of the vulnerabilities—in the upcoming February Patch Tuesday securit...
Google vs. Microsoft — Google reveals Third unpatched Zero-Day Vulnerability in Windows
Microsoft has heavily criticized Google and its 90-day security disclosure policy after the firm publicly revealed two zero-day vulnerabilities in Microsoft’s Windows 8.1 operating system, one after another, just days before Microsoft planned to issue a patch to kill the bugs. But, seemingly Google...
Google again discloses a Windows 8.1 vulnerability, angering Microsoft - vulnerability warning - the black bar safety net
Before Microsoft had released a patch, the Google Project Zero team once again disclosed a new vulnerability in the Windows 8.1 system; the vulnerability can lead to elevation of privileges. Google's series of vulnerability disclosures has angered Microsoft. Google reject extension...
Google Discloses Another Unpatched Windows 8.1 Vulnerability
Google has once again released the details of a new privilege escalation bug in Microsoft's Windows 8.1 operating system before Microsoft planned to patch the bug, triggering a new quarrel between the two tech giants. This is the second time in less than a month that Google’s security research te...
January 2015 Adobe Flash Player Security Update
Adobe today released the year’s first round of security updates for Flash Player, addressing nine vulnerabilities in the software including several critical bugs that could allow an attacker to take control of an affected system. According to a security bulletin posted by the company today the...
Google Project Zero Discloses Windows Zero Day
Update: Google’s Project Zero has disclosed the details of an unpatched Windows vulnerability reported to Microsoft in September. The disclosure was made on Monday upon the expiration of 90-day waiting period imposed by Google researchers. Microsoft has yet to patch the Windows 8.1 vulnerability...
Yahoo security team: details of vulnerabilities left unfixed for 90 days will be made public - vulnerability warning - the black bar safety net
The Yahoo security team has started using the same vulnerability disclosure policy as Google Project Zero: 90 days after the affected vendor is notified of the vulnerability, the details are disclosed publicly. The black bar safety net science: on the Google Project Zero Google...
Yahoo Plans to Disclose All New Bugs It Finds Within 90 Days
Yahoo officials say that the company will disclose any new vulnerabilities that the company’s security team finds within 90 days of discovery. The new policy is the same one used by Google’s Project Zero, a team of researchers that looks for vulnerabilities in a variety of commonly used software...
Mac OS X IOKit Keyboard Driver Root Privilege Escalation Exploit
A heap overflow in IOHIKeyboardMapper::parseKeyMapping allows kernel memory corruption in Mac OS X before 10.10. By abusing a bug in the IORegistry, kernel pointers can also be leaked, allowing a full kASLR bypass. Tested on Mavericks 10.9.5, and should work on previous versions. The issue has be...
Mac OS X IOKit Keyboard Driver Root Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'Mac OS X IOKit Keyboard Driver Root Privilege Escalation', 'Description' = %q A heap overflow in...