Update now! Chrome fix patches in-the-wild zero-day

Credit to Author: Pieter Arntz| Date: Thu, 04 Mar 2021 13:24:38 +0000

Google has released a patch for yet another vulnerability in Chrome’s audio component after it was exploited in the wild.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post Update now! Chrome fix patches in-the-wild zero-day appeared first on Malwarebytes Labs.

Read more

Mozilla patches critical security issues in Firefox and Thunderbird

Credit to Author: Pieter Arntz| Date: Tue, 10 Nov 2020 15:22:29 +0000

Time to update! Mozilla has patched critical security issues in Firefox and Thunderbird.

Categories:

Tags:

(Read more…)

The post Mozilla patches critical security issues in Firefox and Thunderbird appeared first on Malwarebytes Labs.

Read more

CVE-2019-0888: Use-After-Free in Windows ActiveX Data Objects (ADO)

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jul 2019 14:00:58 +0000

Details of the vulnerability we reported to Microsoft and was fixed in last month’s Patch Tuesday<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-BE2g_tELic” height=”1″ width=”1″ alt=””/>

Read more

SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free

Credit to Author: SSD / Ori Nimron| Date: Mon, 29 Oct 2018 09:23:16 +0000

Vulnerabilities Summary The vulnerability exists in the AppCache subsystem in Chrome Versions 69.0 and before. This code is located in the privileged browser process outside of the sandbox. The renderer interacts with this subsystem by sending IPC messages from the renderer to the browser process. These messages can cause the browser to make network requests, … Continue reading SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free

Read more

SSD Advisory – IRDA Linux Driver UAF

Credit to Author: SSD / Ori Nimron| Date: Thu, 27 Sep 2018 11:23:40 +0000

Vulnerabilities Summary The following advisory describes two vulnerabilities in the Linux Kernel. By combining these two vulnerabilities a privilege escalation can be achieved. The two vulnerabilities are quite old and have been around for at least 17 years, quite a few Long Term releases of Linux have them in their kernel. While the assessment of … Continue reading SSD Advisory – IRDA Linux Driver UAF

Read more

SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

Credit to Author: SSD / Ori Nimron| Date: Mon, 20 Aug 2018 06:00:52 +0000

Vulnerability Summary VirtualBox has a built-in RDP server which provides access to a guest machine. While the RDP client sees the guest OS, the RDP server runs on the host OS. Therefore, to view the guest OS the RDP client will make a connection to the host OS IP address rather than the guest OS … Continue reading SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

Read more