Trend Micro has acquired samples of an exploit targeting the recent zero-day vulnerability affecting Windows XP and Server 2003. This is an elevation of privilege vulnerability, which may allow an attacker to gain privileges that would enable him to do various activities, including deleting or viewing data, installing programs, or creating accounts with administrative privileges. We…
Read MoreOscar Abendan
Technical Communications
Microsoft announced yesterday that an unpatched vulnerability was reportedly being exploited and used in targeted attacks in certain countries. The said exploit is designed to take advantage of a previously unknown vulnerability in Microsoft Office 2003, 2007 and 2010 and Windows XP and Server 2003. The said vulnerability stems from how older versions of Office…
Read MoreInternet Explorer (IE), Office, Silverlight, .NET Framework are just some of the applications patched in this month’s Microsoft Patch Tuesday. Perhaps the most important vulnerability fixed this month was a zero-day vulnerability in Internet Explorer (CVE-2013-3893) which was exploited in certain targeted attacks. Among the eight bulletins released October 2013 Patch Tuesday, four were rated Critical…
Read MoreNote: Some of the apps discussed in this blog entry were developed with an older adware SDK that did not contain opt-in provisions, particularly regarding the ability to collect information and display ads outside of the original app. The adware SDK has since been updated to this capability to comply with Google’s developer policies; apps…
Read MoreMicrosoft Outlook, Internet Explorer are two of the four Critical bulletins (plus ten bulletins rated as Important) in today’s Microsoft Patch Tuesday. Particularly troublesome is the Outlook vulnerability, which is exploitable via preview pane. By not applying these updates, vulnerable systems are at risk of malware infection and unwanted data disclosure among others. The four…
Read More