New Angler Exploits Bypass EMET Mitigations

New Microsoft Silverlight and Adobe Flash exploits that bypass Microsoft’s Enhanced Mitigation Experience Toolkit EMET have found their way into an updated version of the Angler Exploit Kit. EMET is a suite of freely available tools for Windows machines that mitigate memory-based attacks. The...

April Patch Tuesday Fixes 11 Vulnerabilities, Last Updates for XP

As expected, Microsoft issued its final epitaph for Windows XP today, pushing out four security bulletins for 11 vulnerabilities, including the last updates for the oft-maligned, thirteen-year-old operating system. Despite it being XP’s last gasp from a security standpoint, it’s actually a...

Word Zero Day Attacks Use Complex Chain of Exploits

The exploit that attackers are using to target a zero day vulnerability in Microsoft Word relies on a complex series of pieces, including an ASLR bypass, ROP techniques and shellcode with several layers of tools designed to detect and defeat analysis. Microsoft officials said the exploit is being...

Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution

Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution ============================= ==== General Information ==== ============================= == Executive Summary == The function TCPIPIPV6ProcessFragmentationHeader does not correctly validate the "fragment offset" field i...