Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Another "Hacking Team" zero-day surfaces - this time in IE, not Flash!", via NS


  • Please log in to reply
No replies to this topic

#1 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:07:28 PM

Posted 15 July 2015 - 08:12 AM

Yet another zero-day has been dragged out of the data dump from hacked Italian security outfit Hacking Team.

This time, Adobe can breathe a sigh of relief, and so can Flash users and programmers everywhere.

This vulnerability is down to a bug in Internet Explorer 11, and looks as though it's perfectly viable as a vehicle for Remote Code Execution (RCE) on both Windows 7 and Windows 8.1.

Generally speaking, RCEs are the most dangerous exploits, especially against a browser, because they can be used for drive-by downloads.

That's where merely looking at a web page - even if you don't click any buttons, download any files, fill in any forms or see any "Are you sure" popups - could infect your computer with malware.


Another "Hacking Team" zero-day surfaces - this time in IE, not Flash!

A Windows Update has been released already on Patch Tuesday to patch this 0-day, so make sure to install all of them as soon as you can.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users