OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows server 2008 r2 |
||
microsoft windows 7 - |
||
microsoft windows server 2008 - |
||
microsoft windows vista - |
||
microsoft windows rt - |
||
microsoft windows rt 8.1 - |
||
microsoft windows server 2012 - |
||
microsoft windows 8.1 - |
||
microsoft windows server 2003 - |
||
microsoft windows server 2012 r2 |
||
microsoft windows 8 - |
In late April we found and wrote a description of CVE-2018-8174, a new zero-day vulnerability for Internet Explorer that was picked up by our sandbox. The vulnerability uses a well-known technique from the proof-of-concept exploit CVE-2014-6332 that essentially “corrupts” two memory objects and changes the type of one object to Array (for read/write access to the address space) and the other object to Integer to fetch the address of an arbitrary object. But whereas CVE-2014-6332 was aimed at...
In late April 2018, a new zero-day vulnerability for Internet Explorer (IE) was found using our sandbox; more than two years since the last in the wild example (CVE-2016-0189). This particular vulnerability and subsequent exploit are interesting for many reasons. The following article will examine the core reasons behind the latest vulnerability, CVE-2018-8174. Our story begins on VirusTotal (VT), where someone uploaded an interesting exploit on April 18, 2018. This exploit was detected by sever...
According to KSN data, Kaspersky Lab solutions detected and repelled 479,528,279 malicious attacks from online resources located in 190 countries all over the world. 79,209,775 unique URLs were recognized as malicious by web antivirus components. Attempted infections by malware that aims to steal money via online access to bank accounts were registered on 288 thousand user computers. Crypto ransomware attacks were blocked on 240,799 computers of unique users. Kaspersky Lab’s file antivirus det...
Net menaces show warped sense of humour in attack on Grauniad story
Hackers have hosed an article published by The Guardian using the world's nastiest exploit kit Angler to pop the machines of exposed readers. The attack firmly answers the article's headline positing the question 'is cybercrime out of control', based on arguments in a book by one Misha Glenny. Angler is the most capable and prolific exploit kit in use by criminals. It allows attackers to run choice cuts of the latest Flash, Java, and browser exploits through which un=patched users can be targete...
Let’s examine a couple of interesting delivery techniques from an APT active for the past several years, the Spring Dragon APT. A paper released today by our colleagues at Palo Alto Networks presented a portion of data on this crew under the label “the Lotus Blossom Operation“, likely named for the debug string present in much of the “Elise” codebase since at least 2012: “d:\lstudio\projects\lotus\…”. The group’s capabilities are more than the much discussed CVE-2012-0158 ex...
Multiple rival researchers warn of Cryptowall delivery ruse targeting employers
Security researchers are focussing their crosshairs on what appears to be high-volume spam and exploit campaigns to deliver the latest iteration of the Cryptowall ransomware. Boffins from the SANS Institute, Cisco, and MalwareBytes have identified a dangerous if goofy spam campaign slinging the nasty ransomware masquerading as file attachment bearing a résumé. SANS handler Brad Duncan says the two campaigns to foist Cryptowall 3.0, also known as Croti, appear to be the handiwork of one attacke...
One of the most important features of a malicious attack is its ability to conceal itself from both protection solutions and victims. The main role in performing a hidden attack is played by exploits to software vulnerabilities that can be used to secretly download malicious code on the victim machine. Generally, exploits are distributed in exploit packs which appear in the form of plugin detects (to identify the type and version of software installed on the user computer) and a set of exploits,...
Playboy ploy not beneath APT3
Sysadmins who have not yet patched their Windows boxes against the 18-year-old "unicorn-like" OLE bug disclosed last month could expect a deluge of spear phishing smut from a group once confined to lofty targeted zero-day attacks. The talented APT3 group was behind widespread zero-day attacks code-named Clandestine Fox earlier this year and was now targeting recently patched Windows vulnerabilities, according to FireEye researchers. That group had begun spewing spear-phishing emails targeting tw...
We will all remember the 11th of November
Security researcher Robert Freeman has discovered an 18-year-old, critical, remotely-exploitable vulnerability di tutti vulnerabiliti which affects just about ALL versions of Windows - all the way back to Windows 95. The vulnerability (CVE-2014-6332) rated a critical score of 9.3 in all versions of Windows and was described as a rare "unicorn-like" bug in Internet Explorer-dependent code that opens avenues for man in the middle attacks. The bug bypasses Redmond's lauded Enhanced Mitigation Exper...