Exploit for CVE-2017-8759 detected and neutralized

The September 12, 2017 security updates from Microsoft include the patch for a previously unknown vulnerability exploited through Microsoft Word as an entry vector. Customers using Microsoft advanced threat solutions were already protected against this threat. The vulnerability, classified as CVE-2017-8759, was used in limited targeted attacks and reported to us by our partner, FireEye. Microsoft would like…


Analysis of the Eleonore exploit pack shellcode

‘Eleonore’ is a malware package that contains a collection of exploits used to compromise web pages. When the compromised web pages are viewed via vulnerable systems, the exploit payload is run. Eleonore is purchased by an attacker from an underground website. The attacker then gains access to Internet web servers and installs the exploit by…

Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation

About a month ago, we blogged about an Adobe Flash Player vulnerability (CVE-2011-0609) that was actively exploited in the wild. That exploit was hidden inside a Microsoft Excel document. Over the weekend, a new Adobe Flash Player 0-day (CVE-2011-0611) was reported by Adobe in a recent advisory (APSA11-02). It all started with spam emails enticing users to…

My Sweet Valentine – the CIFS Browser Protocol Heap Corruption Vulnerability

On Valentine’s Day, an anonymous researcher announced a previously undisclosed SMB (Server Message Block) vulnerability affecting the CIFS (Common Internet File System) browser service. Along with the vulnerability, the researcher also posted Proof-of-Concept (PoC) exploit code showing exactly how to exploit the vulnerability, triggering a blue screen in kernel mode. Considering the issue was…

Nobel Prize site hacked, delivers malware

Yesterday (Oct 26, 2010), MMPC researchers learned that the Nobel Peace Prize website “nobelprize.org” was hacked and users browsing the site using Firefox versions 3.5 and 3.6 may have received malware. The malware is delivered by way of a malicious JavaScript that exploits a vulnerability in Firefox. Mozilla is aware of the vulnerability and note…
