Earlier this month, security outfit FireEye’s 'FireEye as a Service' researchers out in Singapore [discovered and reported](https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html) on a phishing campaign that was found to be exploiting a zero-day in Adobe Flash Player vulnerability (CVE-2015-3113). That campaign has been well and truly active for a while now, with attacking emails including links to compromised sites serving up benign content if you are lucky and a malicious version of the Adobe Flash Player complete with the exploit code if you are not. Adobe has now [responded with a security update](https://helpx.adobe.com/security/products/flash-player/apsb15-14.html) with the following recommendations: Users of the Adobe Flash Player Desktop …

Member Avatar
Member Avatar
+2 forum 1

A 22 year old vulnerability, yes you read that right, has been discovered which some security experts suggest could be bigger than Heartbleed. The bug, reported as '[CVE-2014-6271:remote code execution through bash](http://seclists.org/oss-sec/2014/q3/649)' relates to how environment variables are processed: with trailing code in function definitions being executed independently of the variable name. This can be exploited remotely with code injected into environment variables across the network. The GNU Bourne Again Shell (Bash) command interpreter is widely used, to put it mildly, and as such is being treated as a critical security risk to Unix and Linux systems. Which means it …

Member Avatar
Member Avatar
+6 forum 18

Java vulnerabilities have hardly been out of the news during the last year. Here at DaniWeb we've covered a number of the stories as they surfaced: [Java in the cross-hairs: the security debate rolls on](http://www.daniweb.com/software-development/java/news/445532/java-in-the-cross-hairs-the-security-debate-rolls-on), [Is Java 7 still insecure? Oracle Patch doesn't fix underlying vulnerability](http://www.daniweb.com/software-development/java/threads/432479/is-java-7-still-insecure-oracle-patch-doesnt-fix-underlying-vulnerability), [Update my insecure Java plug-in? Meh, say 72% of users](http://www.daniweb.com/software-development/java/threads/446989/update-my-insecure-java-plug-in-meh-say-72-of-users) and [WARNING: New zero-day for Java 6u41 and Java 7u15](http://www.daniweb.com/software-development/java/threads/449198/warning-new-zero-day-for-java-6u41-and-java-7u15). It's the latter two that are pertinent as to why I'm covering the whole Java exploits story again. It would appear that the CVE-2013-2463 vulnerability in the Java 2D subcomponent is still problematical, even …

Member Avatar
Member Avatar
+3 forum 1

Microsoft has published an [advance notification](http://technet.microsoft.com/en-us/security/bulletin/ms13-jan) for vulnerabilities that will be patched in the January 2013 'Patch Tuesday' security bulletin due next week. However, anyone hoping for a permanent fix to deal with the Internet Explorer zero-day exploit that surfaced during the seasonal holiday period is going to be disappointed. There is no IE patch in this bunch, and while that might be a bit of a surprise to some given that IE security bulletins have become a very regular experience of late, the truth is that to expect a zero-day fix from Microsoft just a week or so after …

Member Avatar
Member Avatar
+0 forum 3

Reports are coming in thick and fast about 'state-sponsored' zero-day exploits hitting business websites in the UK. The latest, disclosed yesterday by [SophosLabs](http://nakedsecurity.sophos.com/2012/06/20/aeronautical-state-sponsored-exploit/), involves an as yet unnamed European aeronautical parts supplier and follows on from another the day before involving a European medical company site. In both cases the same unpatched vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 that can allow remote code execution, as detailed in [Microsoft Security Advisory 2719615](http://technet.microsoft.com/en-us/security/advisory/2719615) appears to have been successfully exploited. ![dweb-fixit01](/attachments/small/0/dweb-fixit01.jpg "align-right") The vulnerability impacts users of all currently supported versions of Windows including Windows 7, as well …

Member Avatar
Member Avatar
+1 forum 3

Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and while being quick to patch whatever vulnerability is currently making the media headlines is still leaving far too many insecurities in the software unfixed. But does that mean it's time to give up on Java? ![dweb-java01](/attachments/small/0/dweb-java01.jpg "align-right") AlienVault's Head of Labs, Jaime Blasco, reproduced the latest exploit in a previously …

Member Avatar
Member Avatar
+3 forum 6

Hi all, This is kind of related to another thread I posted in C++, but I thought I'd go the VB.NET route and have a co-worker help with the C++ conversion if needed. I hope I'm getting pretty close with this... Const MinMsiVersion = "3.0" 'Minimum version to support functionality Const MSIPATCHSTATE_APPLIED = 1 'Patch is applied to this product instance. Const msiInstallContextMachine = 4 'Enumerate products that are under the machine account. Dim iInstaller As WindowsInstaller.Installer Dim pPatch 'As WindowsInstaller.Patch '= CreateObject("WindowsInstaller.Installer") Dim strPatchPath, _ strPatchCode, _ strProdCode As String Dim strPatchXML As String Dim xmlMsiPatch As XmlDocument = …

Member Avatar
Member Avatar
+0 forum 1

Microsoft Security Advisory notices do not, as a rule, make the media sit up and take much notice. Not least as they have become relatively commonplace over the years, but every now and then one comes along which may grab some press attention. Take [MSA 2718704](http://technet.microsoft.com/en-us/security/advisory/2718704) for example. ![dweb-microsoftflamed](/attachments/large/0/dweb-microsoftflamed.jpg "dweb-microsoftflamed") At first the advisory with the expanded title of "Unauthorized Digital Certificates Could Allow Spoofing" issued on June 3rd doesn't hold out much hope in the immediately interesting stakes. However, when you realise that components of the Flame worm ([as reported here on DaniWeb](http://www.daniweb.com/software-development/news/424377/flame-on-complex-lua-and-c-cyber-weapon-fired-at-israel-iran-and-syria)) were signed with a certificate that …

Member Avatar
Member Avatar
+2 forum 1

An in-the-wild exploit targeting a vulnerability with Java 7 has led to security experts the world over warning users to disable the Java plug-in for their browser clients at the very least, and preferably uninstall Java altogether. The CVE-2012-4681 vulnerability, comprising two flaws, along with a couple of other 'related vulnerabilities' has now been patched by Oracle which strongly recommends users apply the updates as soon as possible. Security Explorations, the Polish security company that first notified Oracle about the vulnerabilities many weeks ago, is less convinced. ![javasec7](/attachments/small/0/javasec7.jpg "align-right") It would appear that the company has found another vulnerability in …

Member Avatar
Member Avatar
+0 forum 4

Hi guys. I need help for creating an exe which will patch my other exe.. 1st exe is one form with a textbox and a value textbox1.text="Hi,my name is Chris" 2nd exe i want to be an exe which will PATCH the 1st exe and change the value of the textbox1. I know a few things about w32dasm,hiew and ollydbg..i think i should use these programs first to find the address of the value of the textbox1 and then patch it with the second exe..right? The thing is that i build the first exe and i add it in w32dasm …

Member Avatar
+0 forum 0

If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an [emergency security patch](https://www.adobe.com/support/security/bulletins/apsb12-09.html) for Android, Linux and Mac users as well as those with Windows which kind of suggests it could be indicative of a wider problem with the software. ![dweb-flash](/attachments/small/0/dweb-flash.jpg "align-right") Adobe is recommending that any users of Flash Player v11.2.202.233 and earlier for Windows, Mac and Linux should …

Member Avatar
Member Avatar
+0 forum 1

[ATTACH=RIGHT]21548[/ATTACH]Earlier this week a hacker group called Dev-Team launched a revamped website service that enables owners of the iPhone 4 and iPad 2 (amongst a myriad other iOS-powered devices) to jailbreak them in next to no time, for free, online. The [URL="http://blog.iphone-dev.org/post/890709355/the-return-of-jailbreakme-com"]JailBreakMe site exploits a vulnerability[/URL] with the way that the Safari browser client handles PDF files to enable the jailbreaking to be performed in such a painless way. However, as [URL="http://nakedsecurity.sophos.com/2011/07/06/jailbreakme-security-iphone-ipad/"]security researchers have been warning[/URL], the same vulnerability could be exploited by others for nefarious purposes rather than simply the ability to get apps which have not been approved …

Member Avatar
Member Avatar
+1 forum 6

I have a notebook Lenovo Z61m, OS window XP. I'm trying to disconnect the HP all in one printer 2355 series without success. A window appears reading Error 1606 "could not access network location 0. i'm buying a new printer and want to eliminate the previous one HP. Please help!

Member Avatar
Member Avatar
+0 forum 3

[ATTACH=right]16305[/ATTACH]No more shortcuts for hackers - that's the word from Microsoft, which plans to release a patch today that the company says will fix a security loophole. The issue is tied to the way the Windows OS handles shortcuts, or .lnk files, or as Microsoft explains it in the [URL="http://www.microsoft.com/technet/security/advisory/2286198.mspx"]official security advisory[/URL]: [I]"The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed. This vulnerability can be exploited locally through a malicious USB drive, or remotely via network shares and WebDAV. An exploit …

Member Avatar
+1 forum 0

A user reported not be able to access the network. I moved their network cable to another jack and all was well. The 2 wall jacks in question were professional installed Cat 5E cabling, both are plugged into a switch but I can't ping or tracert anything on the network thru them. I applied a cable tester to each end and all the lights sequenced for both jacks. When I put a loopback plug on the user end, connect it to the jack, and then plug the other end of the cable into the switch it lights up. I've tried …

Member Avatar
+0 forum 0

Microsoft on Tuesday is set to release six security updates, three of which it has deemed critical and apply only to versions of Windows other than Windows 7. Microsoft released advance notice of its [url=http://www.microsoft.com/technet/security/Bulletin/MS09-nov.mspx]Security Bulletin for November[/url], on Nov. 5. The bulletin itself will be released on Tuesday along with remedies, as per its normal patch cycle. Other alerts are labeled "important," one of which involves a denial of service vulnerability for Windows; the other two affect Excel. Redmond will reportedly release updates for Windows XP, 2003 and 2007 and Office 2004 and 2008 for Mac OS X. Save …

Member Avatar
+0 forum 0

According to a new report, published today by SANS, the overwhelming majority of all cyber-security risks can be laid at the door of just two areas: unpatched client-side software and vulnerable Internet facing web sites. The report was compiled by Rohit Dhamankar, Mike Dausin, Marc Eisenbarth and James King of TippingPoint with assistance from Wolfgang Kandek of Qualys, Johannes Ullrich of the Internet Storm Center, and Ed Skoudis and Rob Lee of the SANS Institute faculty. But, to be fair, I'm not sure that attack data from systems protecting 6000 organisations and vulnerability data from 9,000,000 systems was really needed …

Member Avatar
+1 forum 0

Microsoft yesterday released a [url=http://support.microsoft.com/kb/954593]security update[/url] intended to fix eight critical vulnerabilities in as many as 42 Windows apps and components, including IE6, Media Player, Office, SQL Server and Visual Studio. The patch was made available before they could be discovered and exploited by malicious hackers, or at least before any were reported. The flaws were all found within GDI+, Microsoft's Graphics Device Interface subsystem. The vulnerability could allow remote code execution "if a user [views] a specially crafted image file using affected software or [browses] a Web site that contains specially crafted content," according to [url=http://www.microsoft.com/technet/security/Bulletin/MS08-052.mspx]Security Bulletin MS08-052[/url], issued …

Member Avatar
+0 forum 0

Apple has rolled no less than 25 patches into the [URL="http://www.apple.com/support/downloads/"]Mac OS X 10.5.4 Leopard update[/URL] that was announced yesterday. These address a number of Ruby vulnerabilities, as reported [URL="http://www.daniweb.com/blogs/entry2657.html"]here on DaniWeb[/URL] last month by fellow blogger Davey Winder. So that's six of the patches accounted for at any rate. Others are a little more difficult to pin down, although Apple does say that they address operating system and application performance issues. It seems, from a quick bit of asking around the usual online suspects, that these include components such as Alias Manager, CoreTypes, c++filt, Net-SMTP, Tomcat, VPN and Webkit …

Member Avatar
+0 forum 0

Microsoft today gave [URL=http://www.microsoft.com/technet/security/bulletin/ms08-jun.mspx] advance notice [/URL]of a security bulletin it will release on Tuesday to repair seven vulnerabilities in Windows and Internet Explorer, three of them critical. The three critical warnings involve potential remote code execution, and affect Bluetooth, DirectX and IE. According to reports, the latter patch might also include fixes for the so-called [URL= http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html] “Carpet Bomb” threat[/URL] to Apple’s Safari browser made known recently by Nitesh Dhanjani. Microsoft last week issued a [URL= http://www.microsoft.com/technet/security/advisory/953818.mspx] separate security warning [/URL]about the “blended threat” to Safari on Windows XP and Vista as well as Internet Explorer versions 6 and …

Member Avatar
+0 forum 0

It should come as no surprise that the upcoming 'Patch Tuesday' from Microsoft should include critical patches covering the likes of VBScript and Jscript implementation in Windows 2000, XP and 2003. However, [URL="http://www.itpro.co.uk/news/184764/not-even-vista-sp1-escapes-next-patch-tuesday.html"]some reporters[/URL] have expressed just a little astonishment that both Windows Server 2008 and Vista SP1 are also included in the latest patch run. Apparently one of the five critical patches affects every version of Windows, and that includes both the latest server OS and the first of the Vista service packs. Windows Server 2008 was only released to the public five weeks back, and Vista SP1 just …

Member Avatar
+0 forum 0

A browser with vulnerabilities that could lead to arbitrary code execution and cross-site scripting attacks. An urgent automatic update to patch eight such vulnerabilities, five of which are rated as critical and the complete set as ‘highly critical’ by security exploits tracker Secunia. And even then missing a password management vulnerability that has been known about since November which can exploit a reverse cross-site request to expose logins. The browser security supremo spinning the whole episode as ‘definitely a good thing’ proving that the client is ‘more secure.’ You might be forgiven for thinking it is the same old same …

Member Avatar
Member Avatar
+0 forum 13

Various internet sources are reporting two Microsoft patch concerns -- a failed "real" patch released by Microsoft, and a third party assembling various hot-fixes, and calling them "Windows XP SP3 Preview Pack". There is no official "Windows XP SP3"... the third party preparing them clearly mentions that on their website, but it is very tempting for people to go there, and grab the update, and install it. Windows is a flawed operating system that requires local administrator authority to run all of the software, so not even compaines can protect themselves at the local machine level from having users improperly …

Member Avatar
Member Avatar
+0 forum 1

The End.