All Tags » vulns

Windows 2000 remote exploit released

Pedro Bustamante at  21 December 07 05:48    
48Bits has released code for remotely exploiting vulnerable Windows 2000 machines via the RPC interface. A little bit of background. Ten days ago ZDI published an advisory about a stack overflow in the Microsoft Windows Message Queuing Service ( CVE-2007-3039
Read More...

Post a Comment: 2 Comments    Category:     


Vulnerability found that allows for "disclosure policy bypass"

Pedro Bustamante at  21 November 07 07:24    
Among other things I also deal with product vulnerabilities that are reported to us. It's great to be able to work with other security researchers as it allows us to make our products safer and get to know some great people out there. Most of the
Read More...

Post a Comment: 5 Comments    Category: ,     


How to prevent zero day exploits

Pedro Bustamante at  31 October 07 11:56    
With all the talk about the latest wave of PDF exploits in the wild , proactive protections against vulnerabilities in common applications (MS Office, Acrobat Reader, RealPlayer, WinAmp, Windows Media Player…) are proving to be an effective solution
Read More...

Post a Comment: 3 Comments    Category: ,     


ANI loader vulnerability analysis

Pedro Bustamante at  10 April 07 09:15    
The guys over at Hispasec have just published a very nice analysis of the ANI loader vulnerability. It's also very interesting to see the stats of unique samples received at VirusTotal that exploit the ANI vulnerability.
Read More...

Post a Comment: 0 Comments    Category:     


Point-and-click Internet Explorer VML exploits

Pedro Bustamante at  09 April 07 09:00    
Just a curiosity, but today's the 3 month anniversary of the integer overflow vulnerability in VML (vgx.dll). We shouldn't get too caught up on the latest and greatest media-friendly PoC and keep an eye on what's going on in the underground.
Read More...

Post a Comment: 2 Comments    Category: