Tag: vulnerability

  • Is CVE-2017-0199 the new CVE-2012-0158?

    There are two good reasons not to be concerned about CVE-2012-0158, an RTF handling vulnerability in Microsoft Office. First, the vulnerability was patched more than five years ago, so if you follow good security practices and patch regularly, you won’t have to worry about it. Secondly, if you are following those good security practices,…

  • Paper: The journey and evolution of God Mode in 2016: CVE-2016-0189

    While avoiding the use of Flash is good advice for helping to fend off exploit kits, some of the vulnerabilities exploited by these kits actually target the browsers themselves. An important example of this is CVE-2016-0189, which affects Microsoft’s Internet Explorer browser versions 9 through 11. First discovered in the wild in targeted attacks…

  • It’s fine for vulnerabilities to have names — we just need not to take them too seriously

    “What’s in a name? That which we call Heartbleed by any other name would be just as malicious.” — William Shakespeare (paraphrased) When OpenSSL vulnerability CVE-2014-0160 was discovered in April 2014, it was about as bad as vulnerabilities get: an attacker could read large chunks of server memory, including passwords and even private keys, merely…

  • Paper: All Your Meetings Are Belong to Us: Remote Code Execution in Apache OpenMeetings

    The rise of bug bounties in recent years has created an incentive for hackers to hunt for vulnerabilities in a lot of software and services. But what about those software projects that can’t pay bounties, because they are developed by volunteers? Thankfully, some researchers are devoting their time to such projects and to helping them…

  • Security vendors should embrace those hunting bugs in their products

    Security software is software too — and it will have flaws. Last week, I was interviewed for the Risky Business podcast. I really enjoyed the experience, not just because I’ve long been a fan of the show, but also because we discussed a subject I really care about: the security of security products. If…

  • File-stealing vulnerability found in Firefox PDF reader

    Both Windows and Linux users actively being targeted. If, like me, you are suffering from vulnerability fatigue after so many flaws and weaknesses having been disclosed in Las Vegas this week, you may be tempted to ignore the advisory Mozilla released yesterday. However, I strongly advise you don’t. The company says it has been made…

  • Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution

    The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code execution flaw in the Stagefright media library used on Android phones. The vulnerability allegedly means it could, for instance, take one MMS message for an attacker to run…

  • Weak keys and prime reuse make Diffie-Hellman implementations vulnerable

    ‘Logjam’ attack possibly used by the NSA to decrypt VPN traffic. A group of researchers have discovered a number of vulnerabilities in the way the Diffie-Hellman key exchange protocol is deployed and have demonstrated an attack (dubbed ‘Logjam’) that exploits these vulnerabilities. Diffie-Hellman is used by two entities (typically referred to as Alice…