The Latest in IT Security

Posts Tagged ‘0 day’

For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The memory corruption zero-day vulnerability in Microsoft Office (CVE-2017-11826) is reported to be actively exploited in the wild. “An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the […]

Read more ...

As we’ve discussed in previous posts, we are seeing more malware abusing Java issues, including CVE-2012-4681. Currently this vulnerability is an 0-day, and to date there is no patch available from the vendor. It is known that JRE (Java Runtime Environment) 7 is vulnerable to attack on this sandbox-breach vulnerability, while JRE 6 is not. […]

Read more ...

Last week, Adobe released an update (APSB11-18) for Adobe Flash Player, fixing a memory corruption vulnerability (CVE-2011-2110) that would allow attackers to take control of the targeted system. In the Advisory, Adobe mentioned reports of active exploitation. We have been tracking the use of this exploit through our signatures (originally as Exploit:SWF/ShellCode.A, and then later […]

Read more ...





Latest Comments

Social Networks