Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Vulnerabilities’ Category




    Internet Explorer and Microsoft Windows are some of the affected applications addressed in this month’s round of security updates.  For their July patch Tuesday, Microsoft has released six security bulletins, two of which are tagged as 'critical'.  The three other bulletins are rated as ‘important’ and one bulletin as ‘moderate.’ MS14-037 resolves about 23 vulnerabilities found existing in Internet Explorer, which may lead to remote code execution when exploited successfully via a specially crafted webpage. These vulnerabilities affect Internet Explorer versions 6 to ...

    Posted in Vulnerabilities |



    In the recent Microsoft security bulletin for Internet Explorer, we found an interesting improvement for mitigating UAF (User After Free) vulnerability exploits.  The improvement, which we will name as “isolated heap”, is designed to prepare an isolated heap for many objects which often suffers from UAF vulnerabilities. Let’s use Internet Explorer 11 as an example. Before it was patched, the function CHeadElement::CreateElement allocates memory space from the heap. The code is as follows: Figure 1. The function CHeadElement::CreateElement From Figure 1, we can see the memory space is ...

    Posted in Vulnerabilities |



    In the previous part of this post, we explained what the "smartification" of the home is, why people are adopting it, and looked into some of the factors that can influence how people choose to add home automation into their daily lives. What are some additional factors that influence whether smart devices are accepted into homes? Replacement of Existing Equipment As existing devices and appliances in the home need replacement, homeowners may choose to replace these with smart devices. Of course, users may ...

    Posted in Data, Social, Vulnerabilities |



    Over the past few years, there has been proliferation of intelligent connected devices introduced into homes across the globe. These devices can range from the familiar - such as tablets, smart phones, and smart TVs - to the less familiar, such as utility meters, locks, smoke and carbon monoxide detectors, motion detectors and scales. Other devices, like wearable technologies, or wearables, such as fitness and lifestyle monitoring devices, and smart glasses are making an entrance into our regular way of life. This effect, known as “smartification” ...

    Posted in Data, Social, Vulnerabilities |



    Two out of seven bulletins in today’s Microsoft Patch Tuesday are tagged as critical while the rest are marked as important. The critical bulletins addressed a number of vulnerabilities found existing in Microsoft Office and Internet Explorer, which when exploited could allow remote code execution, thus compromising the security of the systems. Perhaps the most interesting bulletin here is MS14-035, which resolves flaws in Internet Explorer versions 6 to 11, can be abused via a specially crafted web page and can possibly ...

    Posted in Vulnerabilities |


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice