DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 28th April 2014
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default Nasty IE Zero-Day Used in Attacks Against Defense, Financial Sectors: FireEye

From http://www.securityweek.com/nasty-ie...ectors-fireeye

Quote:
Researchers from FireEye have discovered a nasty zero-day exploit that bypasses the ASLR and DEP protections in Microsoft Windows and is being used in targeted attacks.

The security flaw is a remote code execution vulnerability (CVE-2014-1776) that affects versions of IE6 through IE11, which in total accounted for 26.25% of the browser market in 2013.

The campaign is currently targeting US-based firms tied to the defense and financial sectors, a FireEye spokesperson told SecurityWeek, and is specifically targeting IE9 through IE11.

“The exploit leverages a previously unknown use-after-free vulnerability, and uses a well-known Flash exploitation technique to achieve arbitrary memory access and bypass Windows’ ASLR and DEP protections,” FireEye wrote in a blog post Saturday.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Brute force attacks Dr-D OpenBSD Security 1 18th July 2011 04:06 PM
ssh brute force attacks sniper007 FreeBSD Security 21 12th June 2011 01:28 AM
OpenBSD Financial Situation rpindy OpenBSD General 3 2nd August 2010 03:14 PM
attacks DDoS Sam OpenBSD Security 6 18th December 2009 12:07 AM
What is best way to monitor for bad sectors? PeterSteele FreeBSD General 9 16th August 2008 02:41 AM


All times are GMT. The time now is 11:18 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick