Security researcher Kafeine documented attacks against Adobe Flash player v184.108.40.2066 coming from the Angler Exploit Kit. The vulnerability exploited is CVE-2016-1001. Adobe addressed the vulnerability in APSB16-08 on March, 10. The RTI on QId: 124779 is now on level: ExploitKit.
Oracle published a new version of Java today. The new version Java v8 update 77 addresses a single critical vulnerability with CVE code CVE-2016-0636. This vulnerability had been disclosed publically 2 weeks ago on the fulldisclosure list. Security researcher Adam Gowdiak, CEO of Security Explorations classified it as a variant of an older issue (CVE-2013-5838) … Continue reading “Oracle patches 0-day in Java”
Virustotal, a free online service for file-analysis has seen the first samples of RTF files that abuse CVE-2016-0021. CVE-2016-0021 is a Remote Code Execution vulnerability which can be triggered in Word or through the preview pane in Outlook. It was addressed in MS16-029 in Microsoft Patch Tuesday March 2016. We consider Microsoft Word under targeted … Continue reading “Microsoft Word under active Attack (MS16-029)”
On March 10 Adobe released an out-of-band update for their Flash Player that addresses a vulnerability (CVE-2016-1010) actively exploited in targeted attacks. APSB16-08 addresses also another 22 vulnerabilities. A successful exploit of this vulnerability gives the attacker Remote Code Execution on the target machine. Attack vector includes malicious websites set up for the purpose of … Continue reading “Adobe patches 0-day in Flash with out-of-band update”
Popular Bittorrent client Transmission 2.90 for Mac OS X has been trojaned by Ransomware. v2.91 is free of the Ransomware and we recommend to install 2.92 for a version of Transmission that also removes the installed Ransomware.
In January’s Patch Tuesday Microsoft addresses a vulnerability in Silverlight that was reported by Kaspersky. A week later on January 13 Kaspersky reported that the vulnerability was already being exploited in the wild and we set our RTI to “Actively Attacked”. Just 5 weeks later there has been a new development: security researcher @Kafeine has … Continue reading “Angler ExploitKit weaponizes Silverlight MS16-006”
On January 22 the Angler ExploitKit integrated the recent vulnerability CVE-2015-8651 into its arsenal. With that the exploit becomes widely available. We have updated the corresponding RTI to “ExploitKit”. Patching Adobe Flash player by applying APSB16-01 now becomes crucial as attacks against the vulnerability are now bound to be common.
On January 12 Microsoft published MS16-006 a new version of Silverlight, Microsoft’s Flash competitor that is widely installed due to its initial use by Netflix. The new version addresses 2 critical vulnerabilities. On January 13, Kaspersky who had reported that bug to Microsoft, explained that the vulnerability was already being exploited in the wild. They … Continue reading “Silverlight MS16-006 seen in targeted attacks”
On December 27 Adobe released an out-of-band update APSB16-01 for their Flash Player to address a vulnerability (CVE-2015-8651) that is already under attack. Under ThreatProtect we have set the RTI to “Actively Attacked”, which means there are targeted attacks on this vulnerability underway. We suggest patching your Flash players as quickly as possible.
Microsoft has informed in its Patch Tuesday December 2015 that CVE-2015-6175, a local privilege escalation vulnerability in under attack in the wild. The vulnerability affects only Windows 10 and is detailed in MS15-135. Our RTI for QID: 91133 is ActivelyAttacked