Security and the Net

News and opinions about security, the internet and more

Entries Tagged ‘zero-day’

Zero-day exploit for Adobe Reader

A zero-day exploit for Adobe Reader has been making the rounds since yesterday. From Adobe’s advisory: A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are […]

Leave a Comment

It’s official: MS08-78 fixing critical IE bug

Microsoft just released MS08-78, a security bulletin describing the issue that has been affecting Internet Explorer users for almost a week (CVE-2008-4844). The bug is fixed for Internet Explorer 5.01, 6, 7 and the beta version of IE8. As Microsoft points out on their Internet Explorer homepage, the browser is now “safer than ever”. Don’t […]

Leave a Comment

Fix for IE7 zero-day to be available tomorrow

Microsoft has just announced that a fix for the critical bug in Internet Explorer 5, 6 and 7 is to be published tomorrow. As usual, there will be webcasts detailing the fixes: Microsoft is hosting two webcasts to address customer questions on these bulletins: on December 17, 2008, at 1:00 PM Pacific Time (US & […]

Comments (1)

More details about IE7 zero-day exploit

More details about the zero-day exploit for IE7 are starting to surface. The most shocking detail is that this is actually an older issue: eEye reports that this was first seen on 11/15. eEye says that no mitigation strategies currently exist; Symantec suggests that disabling Javascript will at the very least disable the currect attack […]

Comments (1)

Zero-day exploit for IE7

Just in time for the holidays, a new bug has been found in Internet Explorer that enables hackers to execute arbitrary code. This was first reported by McAfee: The root cause was found to be the incorrect handling of certain XML tags in Internet Explorer 7.x that references already freed memory in the mshtml.dll. We […]

Comments (1)