We observed a zero-day attack aimed at a Chinese high school webpage and leveraged the Microsoft XML Core Services vulnerability. This discovery came about just days after Microsoft released an advisory regarding the vulnerability. The perpetrators behind the attack compromised a high school entrance exam result page in Jiangsu, China, which is visited by about […]
As discussed in our previous blog entries, we’ve found an exploit (Trend Micro detection HTML_EXPLOYT.AE) that targets a vulnerability found in Microsoft XML Core Services (CVE-2012-1889). Based on our analysis, HTML_EXPLOYT.AE contains three key features: its usage of Microsoft XML Core Services, heap spray, and No ROP (Return-Oriented-Programming) function. Our two initial blog entries already […]
Last month, Microsoft released a fix tool in order to address a vulnerability in Microsoft XML Core Services. The said vulnerability, according to the Microsoft Security Advisory, could allow remote code execution if a user views a specifically crafted webpage using Internet Explorer. It has been given the identifier CVE-2012-1889. Since the vulnerability exists in […]
Latest Comments