March 19, 2019—KB4489888 (OS Build 15063.1716)

March 19, 2019—KB4489888 OS Build 15063.1716 Reminder: March 12th and April 9th will be the last two Delta updates for Windows 10, version 1703. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change plea...

February 19, 2019—KB4487016 (Preview of Monthly Rollup)

February 19, 2019—KB4487016 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4487000 released February 12, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates...

CVE-2019-0667

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772...

dnSpy - .NET Debugger And Assembly Editor

dnSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing a...

Microsoft Internet Explorer VBScript Engine Remote Memory Corruption Vulnerability (CNVD-2019-39018)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system. A memory corruption vulnerability exists in Microsoft IE 9, 10, and 11 that stems from a VBScript execution policy that does not strictly restrict VBScript.A remote attacker can exploit this vulnerabilit...

Microsoft Zero-Day Patch for JET Bug Incomplete, Claims Firm

UPDATE Microsoft patched a zero-day in its JET Database Engine this week – but the patch was incomplete, according to researchers at 0patch. The company has developed a micropatch that corrects that hole, it said Friday. The memory corruption vulnerability CVE-2018-8423 could allow remote...

State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Here's a timely reminder that email isn't the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs CDs apparently sent from China, KrebsOnSecurity has learned. This...

Soroush IM Desktop app 0.15 - Authentication Bypass Vulnerability

Exploit for linux platform in category local exploits Exploit Title: Soroush IM Desktop app 0.15 - Authentication Bypass Exploit Author: VortexNeoX64 Vendor Homepage: https://soroush-app.ir Software Link: https://soroush-app.ir/UploadedData/Soroush.exe Version: 0.15 BETA Tested on: Windows 10 180...

MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) could allow remote code execution

Resolves vulnerabilities in Visual Basic 6.0 Runtime Extended Files ActiveX Controls that could allow remote code execution.INTRODUCTIONMicrosoft has released security bulletin MS08-070. To view the complete security bulletin, visit one of the following Microsoft Web sites:Home users:...

MS10-031: Vulnerability in Microsoft Visual Basic for Applications could allow remote code execution

Resolves a security vulnerability that exists in Microsoft Visual Basic for Applications that could allow remote code execution of a maliciously modified file.INTRODUCTIONMicrosoft has released security bulletin MS10-031. To view the complete security bulletin, visit one of the following Microsof...

Microsoft Windows scripting engine information disclosure vulnerability

Microsoft Windows 7 SP1 is a series of operating systems released by Microsoft. scripting engine is one of the scripting engines. An information disclosure vulnerability exists in the scripting engine in Microsoft Windows. An attacker can exploit this vulnerability by constructing a specially...

NET Debugger & Assembly Editor: dnSpy

dnSpy is a tool to reverse engineer .NET assemblies. It includes a decompiler, a debugger and an assembly editor and more and can be easily extended by writing your own extension. It uses dnlib to read and write assemblies so it can handle obfuscated assemblies eg. malware without crashing...

India Goods and Services Tax Network (GSTN) Offline Utility Elevation of Privilege Vulnerability

A security vulnerability exists in GSTNofflinetool in the India Goods and Services Tax Network GSTN Offline Utility tool prior to version 1.2. A local attacker can exploit this vulnerability by replacing winstart-server.vbs with arbitrary VBScript code to gain privileges...

OSIsoft PI ProcessBook and PI ActiveView

CVSS v3 High ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: OSIsoft Equipment: PI ProcessBook and PI ActiveView Vulnerability: Using components with known vulnerabilities AFFECTED PRODUCTS OSIsoft reports that the vulnerability affects the following PI products: PI ProcessBoo...

CVE-2017-0199: analysis Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

FireEye recently detected using CVE-2017-0199 security vulnerabilities malicious Microsoft Office RTF document, be aware of CVE-2017-0199, but had not been disclosed vulnerability. When the user opens that contains the exploit Code of the document, the malicious code will download and execute the...

CVE-2017-0199 Used as Zero Day to Distribute FINSPY Espionage Malware and LATENTBOT Cyber Crime Malware

FireEye recently identified a vulnerability – CVE-2017-0199 – that allows a malicious actor to download and execute a Visual Basic script containing PowerShell commands when a user opens a Microsoft Office RTF document containing an embedded exploit. We worked with Microsoft and published the...

MS14-011: Description of the security update for Visual Basic Scripting Edition (VBScript) 5.7: February 11, 2014

MS14-011: Description of the security update for Visual Basic Scripting Edition VBScript 5.7: February 11, 2014 INTRODUCTION Microsoft has released security bulletin MS14-011. To view the complete security bulletin, go to one of the following Microsoft websites: Home...

Microsoft Office Information Disclosure Vulnerability (CNVD-2016-07925)

Microsoft Office is a suite of office software products developed by Microsoft.Visual Basic macros is one of the programming languages dedicated to performing common automation OLE tasks in desktop applications. An information disclosure vulnerability exists in Visual Basic macros in Microsoft...

CVE-2016-3375

The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...

CVE-2016-0141

The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."...