Adobe Flash new 0-day – Update

Update: three ExploitKits have so far integrated this new vulnerability. Our RTI for QId: 120098 in ThreatPROTECT is now ExploitKit and ActiveAttacks.

Original: According to Adobe, a new 0-day vulnerability in its Flash player is under attack in the wild. The vulnerability is tagged as CVE-2016-4117 and affects Flash player versions equal to or lower than V21.0.0.226. Adobe expects …

Internet Explorer under active attack

Microsoft has released a new version of Internet Explorer 7-11 that addresses the critical vulnerability CVE-2016-0189 together with four other vulnerabilities. According to Microsoft’s bulletins MS16-051 and MS16-053, CVE-2016-0189 is under active attack in the wild. Our RTI for QId: 100284 and 91220 is ActivelyAttacked.

ImageMagick vulnerability under active attack

ImageMagick is a popular open source package for image manipulation. A number of vulnerabilities have been identified in the software: one of them, CVE-2016-3714, allows for Remote Code Execution (RCE) and is under active attack in the wild. There is no patch available at the moment, but users can configure the “policy.xml” file to neutralize …

Accellion FTA Vulnerabilities

Security researcher Orange recently managed to gain access to a file transfer server at Facebook. He used a set of vulnerabilities that he found in the product that provides the service: the Accellion File Transfer Server (FTA). He notified Facebook under their bug bounty program and was awarded US$ 10,000. Accellion addressed vulnerabilities CVE-2016-2350/1/2/3 in …

Microsoft Windows under active attack

Microsoft published MS16-039 for all versions of Windows on April 12, 2016. MS16-039 addresses four vulnerabilities, one rated “critical” allowing for Remote Code Execution, three rated “important” allowing for escalation of privilege. Two of the “important” vulnerabilities (CVE-2016-0165 and CVE-2016-0167) are under active attack. In a typical scenario an attacker would use a first vulnerability …

Adobe Flash partial 0-day patched in OOB release

Adobe addressed a partial 0-day vulnerability in its Flash player with a software release on April 7, 2016. The new version of Flash fixes 24 vulnerabilities, with CVE-2016-1019 under active attack through the Magnitude Exploit Kit. The vulnerability is a partial 0-day because in the newest version of Flash a mitigation strategy introduced by Adobe prevents …

Adobe Flash Player under new 0-day attack

Adobe announced that a new version of their Flash Player product is expected to be released this week. The new version will address CVE-2016-1019, a critical vulnerability that is currently being exploited in the wild. However, if you are current with your Flash player patches you are protected. If you have the newest Flash player …

Latest Adobe 0-day now in Angler Exploit Kit

Security researcher Kafeine documented attacks against Adobe Flash player v20.0.0.306 coming from the Angler Exploit Kit. The vulnerability exploited is CVE-2016-1001. Adobe addressed the vulnerability in APSB16-08 on March 10. The RTI on QId: 124779 is now on level: ExploitKit.

Oracle patches 0-day in Java

Oracle published a new version of Java today. The new version, Java v8 update 77, addresses a single critical vulnerability, CVE-2016-0636. This vulnerability had been disclosed publicly 2 weeks ago on the fulldisclosure list. Security researcher Adam Gowdiak, CEO of Security Explorations, classified it as a variant of an older issue (CVE-2013-5838) …

Microsoft Windows local 0-day (MS15-135)

Microsoft announced in its December 2015 Patch Tuesday that CVE-2015-6175, a local privilege escalation vulnerability, is under attack in the wild. The vulnerability affects only Windows 10 and is detailed in MS15-135. Our RTI for QID: 91133 is ActivelyAttacked.