Pretty unusual for Microsoft but they’ve rushed out a fast fix for a 0-day Internet Explorer vulnerability which allows remote code execution and malware dropping. It doesn’t effect the latest version of Internet Explorer (9) but it effects all the common previous versions (6, 7 & 8) – which still accounts for the majority of [...]
Another huge raft of critical fixes has been pushed out by Microsoft across almost their entire range of products, including client and server side software and the Windows OS itself. It’s been a while since I’ve seen such a huge variety of security issues in one update including 5 critical vulnerabilities. If you are running [...]
Well it’s March again and well we love March because it’s Pwn2Own time! Every year around this time we get some goodies to discuss way back since: 2008 – Mac owned on 2nd day of Pwn2Own hack contest 2009 – Charlie Miller Does It Again At PWN2OWN 2010 – Mozilla Beats Apple & Microsoft to [...]
There’s a lot of circumstantial evidence surround this as Microsoft themselves haven’t clarified or publicly announced anything related to the CSS Cross-Origin Theft bug – but it seems fairly clear. Some media sources are quoting it as a ‘new bug‘ – which it isn’t, according to other sources it has been known about for at [...]
There has been some very clever attacks lately, especially involving browsers and the kind of data they can leak when probed the right way. The biggest press recently was generated by the history leak that occurs in most browsers. Another clever attack that got some coverage lately was tabnapping and the latest is another fascinating [...]
What a massive mother-load of patches Microsoft has unleashed on this month patching more than 34 security vulnerabilities including the fairly high profile vulnerability exploited at the Pwn2Own contest earlier this year in April. Good news as long as all the average Internet users actually use Windows Update and install the latest patches, which somehow [...]
I’m sure you’ve heard about the Microsoft IE7 Exploit that allows Remote Code Execution on XP & Vista, it turns out it’s actually much worse than first expected. The exploit also affects IE5.01, IE6 and IE8 on all OS versions! That’s a pretty worrying turn of events for MS especially as they are seemingly leaving [...]
It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground. The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates. ISC reports [...]
Some new statistics just came out regarding Browser Security, this is more in terms of which users are most likely to apply patches and be using the most secure version. I would have thought Firefox would have been pretty high since the newer series prompt automatically new patches. My only guess is a lot of [...]
Our Polish friend and expert security researcher, Michal Zalewski (lcamtuf), known for his endless stream of vulnerabilities in all manners of software, has struck again. This time with some pretty serious flaws in both Internet Exploder Explorer and Firefox. This time it’s 4, 2 in IE and 2 in Firefox. The first which effects fully [...]
© Darknet – The Darkside 2000-2013. Don't Learn to HACK - Hack to LEARN.
Posted in: 
Recent Comments