tag
Vulnerability

Vulnerability Musings and Reflexive Thinking

Some of us are currently enjoying some excellent presentations at a CARO workshop in Budapest on exploits and vulnerabilities. Hopefully, some of them will eventually be made public, so that we’ll be able to include pointers to specific resources. While there’s been a great deal of technical detail made available that has passed me by

Targeted Malware and Microsoft

Microsoft issued an advisory last week – Microsoft Security Advisory (969136) "Vulnerability in Microsoft Office PowerPoint Could Allow Remote Code Execution" – that "could allow remote code execution if a user opens a specially crafted PowerPoint file." The advisory uses very similar language to Microsoft’s recent advisory on an Excel vulnerability, referring to "only…limited and

Patches Despatches

In a previous blog relating to Acrobat vulnerabilities, I suggested that you might want to sign up for Adobe’s alerts service. I did, but still haven’t received any news from it. However, it appears that The Register (or one of its sources) did, so I’m nevertheless aware that Adobe has released updates to address the

Excel Exasperation, Acrobat Aggro

As The Register has pointed out, the Microsoft Security Bulletin Advance Notification for March 2009 doesn’t mention a forthcoming patch for the Excel vulnerability we’ve already flagged in this blog here and here and here. Since, as John Leyden remarks, the exploit is being actively exploited, it may seem that Microsoft are not taking the issue seriously

Acrobat Amendment

A reminder about about the Acrobat reader vulnerability we blogged about several times recently (http://www.eset.com/threat-center/blog/?p=593, http://www.eset.com/threat-center/blog/?p=579, http://www.eset.com/threat-center/blog/?p=572). Remember I said "As we’ve said previously, disabling JavaScript, while it doesn’t address the underlying vulnerability, stops known exploits from working properly"? Predictably, there are now known exploits that don’t use the JavaScript heap spray trick. While I’m

Targeted Excel Malware Revisited.

Further to our blog last week on targeted attacks exploiting a vulnerability found in a number of Excel versions including  Mac versions, viewers, and the Open XML File Format Converter for Mac. While we already have a specific detection for the threat we call X97M/TrojanDropper.Agent.NAI, we also have generic detection for the exploit, flagged as X97M/Exploit.CVE-2009-0238.Gen. This detection

More Acrobatics

For the geekier among us wanting or needing to know more about the Adobe vulnerability that Randy and I both blogged on yesterday, here are a few resources: More from Shadowserver at http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20090221 As we’ve said previously, disabling JavaScript, while it doesn’t address the underlying vulnerability, stops known exploits from working properly. There are rules

MS09-002 Exploits: Old Dogs, New Tricks?

A few days ago, I promised (threatened) to make some general points about biasing test results, but travel and other obligations have been getting in the way. I’ll get back to that very shortly, but in the meantime, I want to look at an issue with the latest round of Microsoft patches that I was

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.