Oh look, another serious flaw in Windows – and this one is really bad because it can be exploited directly in Internet Explorer. And even worse than that, this vulnerability is actually being exploited in the wild by cybercriminals – this shows it’s no longer a theoretical attack. Plus of course the fact, it’s actually […]
The big news that is turning the infosec world inside out this week is about a new DLL pre-loading/hijacking bug which effects more than 200 Windows applications including some produced by Microsoft itself. The basis of this exploit is the way in which Windows works and how it loads DLL files used by many applications, […]
Tags: binary planting, dll bug, dll hijacking, dll loading, dll pre-loading, dll preloading, hacking-windows, malware dll, windows binary planting, windows dll bug, windows dll preloading bug, windows vulnerability, windows-exploit, windows-security
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
This is a pretty nasty attack and for once Microsoft have actually acknowledged and confirmed this is a critical unpatched vulnerability. Incidentally Microsoft also recently retired Windows XP SP2 from the support cycle, and this vulnerability effects that system and they have stated they will not be patching it. It’s a pretty serious bug and […]
So a pretty serious remote vulnerability has been discovered in Windows 7, as usual Microsoft is downplaying the problem asking you to block the ports on your firewall rather than fixing the issue. I’d imagine the problem would only really be a big issue inside networks as who exposes SMB ports to the outside world […]
Tags: hacking-windows, microsoft, microsoft security, smb exploit, smb flaw, windows, windows 7, windows 7 0day, windows 7 exploit, windows 7 oday, windows 7 security, windows 7 vulnerability, windows vulnerability, windows-exploit, windows-security
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
Another reason for Windows users to hate the Microsoft Patch Tuesday policy, The exploit isn’t 100% reliable but it’s still fairly significant in my eyes as it is a critical vulnerability and can be used for code execution. Vista isn’t the most popular OS still so perhaps Microsoft don’t the threat being that wide as […]
Tags: exploit windows, hack windows, hacking-windows, microsoft, patch-tuesday, redmond, smb 2, smb exploit, smb negotiate function, smb2, smb2 exploit, vista, windows vulnerability, windows-exploit, windows-security, windows-vista
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
It seems like another fairly critical flaw has been discovered in Microsoft Windows. It’s serious as it allows remote code execution, which basically means if you get hit with it your machine is owned. It seems DirectX 7, 8 and 9 in Windows 2000, XP and Server 2003 are at risk. Windows Vista, Server 2008 […]
Tags: directx exploit, directx vulnerability, hacking directshow, hacking directx, hacking microsoft, hacking quicktime, hacking-windows, malware, microsoft windows, windows, windows vulnerability, windows-exploit, windows-security
Posted in: Exploits/Vulnerabilities, Malware, Windows Hacking | Add a Comment
I’m sure you’ve heard about the Microsoft IE7 Exploit that allows Remote Code Execution on XP & Vista, it turns out it’s actually much worse than first expected. The exploit also affects IE5.01, IE6 and IE8 on all OS versions! That’s a pretty worrying turn of events for MS especially as they are seemingly leaving […]
Tags: 0 day exploit, 0day, 0day ie exploit, hacking internet explorer, hacking-windows, IE, IE-exploit, ie5 exploit, ie6 exploit, ie7, ie7 exploit, ie8 exploit, internet explorer security, internet explorer vulnerability, internet-explorer, internet-explorer-7, internet-explorer-exploit, remote code execution, windows vulnerability, windows-security
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
It seems a new, fairly serious flaw has been discovered in Internet Explorer 7 – and as accounts go it’s been around for a couple of months in the underground. The worrying part is, patch Tuesday was yesterday and after testing it’s been discovered that this flaw WAS NOT patched in the updates. ISC reports […]
Tags: 0 day exploit, 0day, 0day ie exploit, hacking internet explorer, hacking-windows, IE, IE-exploit, ie7, ie7 exploit, internet explorer security, internet explorer vulnerability, internet-explorer, internet-explorer-7, internet-explorer-exploit, patch-tuesday, remote code execution, windows vulnerability, windows-security
Posted in: Exploits/Vulnerabilities, Windows Hacking | Add a Comment
This Firewire hack seems to be creating a big buzz, from what I’ve read it also works on Vista as for some odd reason the Firewire port gets access to the whole memory space in DMA mode – not just what it needs to function – so you can read from anything stored in memory […]
