A new zero-day script injection vulnerability has been confirmed in Windows and proof-of-concept attack code has already been published on public websites.The flaw, identified as CVE-2011-0096, is located in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler and affects all supported version of Windows... |
31 January 2011
00:11 GMT |
 |
|
Faced with no response from the vendor for months, a security researcher published exploit code for a critical vulnerability in a widespread Chinese SCADA software package.The affected software is called KingView and is developed by Beijing WellinControl Technology Development Co., Ltd., commonly referred to as Welli... |
11 January 2011
07:04 GMT |
|
|
Hackers have released proof-of-concept exploit code for an yet unpatched Windows Vista and 7 privilege escalation vulnerability leveraged by the infamous Stuxnet worm.Stuxnet is a highly complex threat designed for industrial espionage and sabotage, which is widely considered to be the most sophisticated piece of mal... |
22 November 2010
02:54 GMT |
|
|
Adobe has confirmed the existence of an unpatched critical remote code execution vulnerability in Shockwave Player, which was publicly disclosed yesterday.The issue was identified by an outfit called Abyssec Security Research, which notes that it can be exploited by opening a specially crafted DIR or DCR file."A crit... |
22 October 2010
02:30 GMT |
|
|
Security researchers have released proof-of-concept exploit code for a remote code execution vulnerability in Office for Windows and Mac, that was patched earlier this month.Identified as CVE-2010-1245, the flaw is described as an Microsoft Excel SxView record parsing memory corruption.It affects Office Excel 2002, M... |
1 October 2010
08:37 GMT |
|
|
The author of the JailbreakMe service has released the source code of the entire website including the exploits for the two critical vulnerabilities patched by Apple, which were leveraged to unlock the device.The version of the JailbreakMe.com website launched at the end of last month was actually the second iteratio... |
12 August 2010
02:41 GMT |
|
|
A reverse engineer has published Proof-of-Concept attack code exploiting the critical LNK processing vulnerability confirmed by Microsoft last week. Meanwhile, another researcher has released a tool, which allows users to protect themselves until a permanent patch becomes available.A reverse engineer, going by the on... |
19 July 2010
10:11 GMT |
|
|
Security researchers have encountered a malicious PDF exploiting an unfixed vulnerability in Adobe Reader and Acrobat, which makes use of complex techniques in order to avoid detection. The document is believed to be part of a highly targeted attack.The malicious file has been analyzed by Bojan Zdrnja, a security res... |
5 January 2010
11:02 GMT |
|
|
A fake exploit for a zero-day OpenSSH vulnerability, which was allegedly used in some high-profile attacks, has been circulating on the Internet recently. Compiling and running it is not a good idea, as the code contains instructions to install a botnet client and delete directories from the file system. About two w... |
18 July 2009
06:59 GMT |
|
|
Find us on Google+
