Skip to content

Gotham Security Daily Threat Alerts

by on May 14, 2015

May 13, Softpedia – (International) Flash Player 17.0.0.188 addresses security holes. Adobe released updates for Flash Player that fixed 18 vulnerabilities, including 10 memory corruption, heap overflow, integer overflow, type confusion, and use-after-free bugs that could allow an attacker to run arbitrary code on an affected system. Source

May 13, Softpedia – (International) Mozilla Firefox 38 fixes 13 vulnerabilities, 5 are critical. Mozilla released fixes for 13 vulnerabilities in Firefox version 38, including 5 critical flaws that could be leveraged to execute arbitrary code or read parts of the memory containing sensitive data. The update also added support for Digital Rights Management (DRM), among other improvements. Source

May 13, Softpedia – (International) Adobe rolls out critical update for Reader and Acrobat. Adobe released new versions for Acrobat and Reader PDF software patching 34 vulnerabilities, 17 of which include use-after-free, heap-based buffer overflow, and buffer overflow to memory corruption bugs that could have allowed an attacker to execute arbitrary code and take control of an affected system. Source

May 13, IDG News Service – (International) Microsoft fixes 46 flaws in Windows, IE, Office, other products. Microsoft released patches addressing 46 vulnerabilities across various products, including 3 critical security bulletins that covered remote code execution flaws in Windows, Internet Explorer, Office, Microsoft .NET Framework, Lync, and Silverlight. Source

May 13, Threatpost(International) “VENOM” flaw in virtualization software could lead to VM escapes, data theft. Security researchers from CrowdStrike discovered a vulnerability in virtualization platforms in which an attacker could exploit a flaw in the virtual floppy disk controller component of the QEMU open-source visualization package to escape from a guest virtual machine (VM) to gain code execution on the host in addition to any other VMs running on the affected system. The bug has been dubbed VENOM and affects a variety of virtualization software running on all major operating systems (OS). Source

May 12, Softpedia – (International) DDoS botnet relies on thousands of insecure routers in 109 countries. An investigation by the Web site security company Incapsula revealed that cybercriminals are using tens of thousands of Internet service providers (ISP) distributed home routers with default security configurations to create large botnets for distributed denial of service (DDoS) attacks. Findings revealed that 60 command and control (C&C) servers were being used for the botnets by a variety of groups employing various forms of malware worldwide. Source

May 11, Securityweek – (International) MacKeeper patches serious remote code execution flaw. The developers of the MacKeeper utility software suite for Apple OS X patched a critical input validation vulnerability which an attacker could exploit to remotely execute code on affected systems by tricking victims to visit a specially crafted Web site that runs code with root privileges once visited. Source

May 11, Securityweek – (International) Angler EK makes it difficult to track down malvertising sources. A security expert discovered that the Angler Exploit Kit (EK) is leveraging Web browser bugs to break the referrer chain, making it more difficult for security researchers and advertising networks to determine the kit’s source in the campaign. Source

May 8, Threatpost – (International) WordPress sites backdoored, leaking credentials. Security researchers at Zscaler discovered backdoor code compromising content management systems (CMS) on a number of WordPress Web sites that activates when users input their login credentials. Once activated, the backdoor injects JavaScript (JS) code hosted on a command and control (C&C) server. Source

May 8, Securityweek – (National) Rockwell Automation fixes flaw in factory communication solution. Rockwell Automation released software updates to address a buffer overflow vulnerability in its RSLinx Classic comprehensive factory communication server solution in which an attacker could crash the application or inject malicious code with elevated privileges by loading a specially crafted concurrent versions system (CVS) file to trigger a stack-based buffer overflow in the application. Source

From → Security

Comments are closed.

%d bloggers like this: