Newsletter Archives
-
Details on the Task Scheduler ALPC zero-day
Kevin Beaumont (@GossiTheDog) just published an excellent overview of the newly disclosed ALPC zero-day in Task Scheduler, complete with working exploit code.
The flaw is that the Task Scheduler RPC function SchRpcSetSecurity fails to check the caller’s permissions. So anybody — even a guest — can call it and set file permissions (the DACL) on files the service can reach, which on the local machine means pretty much anything.
It’s a local privilege escalation bug: a program already running as an ordinary, unprivileged user can rewrite the permissions on files it should never be able to touch and leapfrog its way to full control of the machine.
Catalin Cimpanu on Bleeping Computer posted the initial revelation from @SandboxEscaper, who posted original exploit code on GitHub, then deleted their Twitter account.
Nothing to worry about yet: this is a local privilege escalation, so an attacker has to be running code on the box already before it does them any good. But expect to see a fix for all supported versions of Windows before too long.
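Since the bug’s effect is a loosened DACL on a file that should be locked down, the thing a defender can actually look for is exactly that: privileged files whose ACLs now grant write, modify, full control, or the right to change the DACL or owner to low-privileged principals. The script below is an added example for this newsletter, not code from Kevin’s post or the published exploit. The root directory and the list of “broad” principals are assumptions; point it at whatever system files you care about.

```powershell
# Added example (not from the post or the exploit): list files under $Root whose
# DACL grants write-class rights to broad, low-privileged principals.
# $Root and $BroadPrincipals are assumptions; adjust them for your environment.
param(
    [string]$Root = 'C:\Windows\System32',
    [string[]]$BroadPrincipals = @(
        'Everyone',
        'BUILTIN\Users',
        'NT AUTHORITY\Authenticated Users',
        'NT AUTHORITY\INTERACTIVE'
    )
)

# Any of these rights lets the holder change the file's contents, its DACL, or its owner.
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl -bor
             [System.Security.AccessControl.FileSystemRights]::WriteDac -bor
             [System.Security.AccessControl.FileSystemRights]::TakeOwnership

Get-ChildItem -LiteralPath $Root -File -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
    # Files we cannot even read the ACL of are skipped rather than aborting the scan.
    try { $acl = Get-Acl -LiteralPath $_.FullName -ErrorAction Stop } catch { return }

    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        # -band against the mask catches FullControl/Modify as well as bare Write/WriteDac.
        if (($ace.FileSystemRights -band $writeMask) -eq 0) { continue }

        [pscustomobject]@{
            Path      = $_.FullName
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
            Owner     = $acl.Owner
        }
    }
}
```

Run it from an elevated prompt (an ordinary user cannot read the ACLs of many system files) and pipe the output to Export-Csv or compare it against a baseline taken from a known-good machine. A non-inherited ACE granting Everyone or Users modify rights on a file under the Windows directory is the kind of artifact this class of bug leaves behind and is worth investigating regardless of which exploit put it there.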
-
Patch Lady – Flash update out on June 7th
Be aware that a Flash update has been released today. If you’re on Windows 7 you will need to either watch for Adobe’s update prompt or go to the Adobe Flash page to get it. If you’re on Windows 10 or 8.1 you get your update from Microsoft.
https://support.microsoft.com/en-us/help/4287903/security-update-for-adobe-flash-player
“Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.”
Generally speaking it’s wise to ensure these flash updates are installed as soon as possible. Kirsty’s got the links for you here:
-
Pwnfest brings two zero-day system level hacks of Edge
So much for the most secure browser ever.
Darren Pauli at The Register reports that two Windows 10 1607 (Anniversary Update, a.k.a. Redstone 1) machines, updated to this week’s security patch level, were pwned in separate hacks.
It’s become a lucrative hobby. $140,000 each to Qihoo 360 (China) and LokiHardt (South Korea).
There’s also a hack using Flash on Edge on Win10 1607.
-
Microsoft’s latest Word security hole, KB 2953095, is part of an on-going embarrassment
Has everybody forgotten that RTF – the sticking point in the latest zero-day, and dozens of zero-days before it – was invented and controlled by Microsoft?
InfoWorld Tech Watch.
-
If you use IE9 or IE10, Security Advisory 2934088 says get patched now
There’s a Fixit…
InfoWorld TechWatch
-
In minimizing zero-days, Microsoft misses the point
They may not be numerous, but they’re dangerous.
InfoWorld Tech Watch.
-
And now for a different kind of 0day
Any list of the ten smartest people in the computer biz today would have to include Mark Russinovich.
With technical street cred stretching from building the Windows uber-utility suite Sysinternals, to discovering the Sony rootkit, to defining the Microsoft Technical Fellow position by example, Mark knows tech like you know your coffee cup.
Add one more achievement to the list. He’s a hell of a good novelist. At least, I couldn’t stop myself scrolling through the posted excerpt from his first novel, Zero Day. (Warning: it reads like an explicit action-adventure novel.)
Mark says he started working on the novel eight years ago, and it’s taken this long to get through the book-writing maze.
From the cover:
An airliner’s controls abruptly fail mid-flight over the Atlantic. An oil tanker runs aground in Japan when its navigational system suddenly stops dead. Hospitals everywhere have to abandon their computer databases when patients die after being administered incorrect dosages of their medicine. In the Midwest, a nuclear power plant nearly becomes the next Chernobyl when its cooling systems malfunction.
At first, these random computer failures seem like unrelated events. But Jeff Aiken, a former government analyst who quit in disgust after witnessing the gross errors that led up to 9/11, thinks otherwise. Jeff fears a more serious attack targeting the United States computer infrastructure is already under way. And as other menacing computer malfunctions pop up around the world, some with deadly results, he realizes that there isn’t much time if he hopes to prevent an international catastrophe.
Arabs in league with Al-Qaeda play the villains. They want to “wreak havoc” on the West “in a very cost-efficient way that’s low risk.” Cyber terrorism fits the description, eh?
Okay, so it’s long on cliches and penny-pinching Al-Qaedites, but the excerpt moves right along. The lead blurb comes from a certain Mr. Gates. You may have heard of him, too.
Look for Zero Day on store shelves in March. Or you can pre-order a copy through Amazon, Barnes & Noble, or a handful of other bookstores.
A quick check on the Amazon ordering page reveals that customers who bought Zero Day also bought a copy of the Windows 7 Professional Upgrade. Simple coincidence? I think not.