Monday, January 10, 2011

Zero Day Vulnerabilities in Windows

Apologies, for writing after so long,

What brings me to write in here is, the issues seen early this year, two critical vulnerabilities in Microsoft. Almost all flavours of Microsoft operating systems are affected. And the worry is both issues are Zero day and no patch is available from the vendor, off-course some workarounds are there, follow the references.

First issue discovered is in Windows Graphic Rendering Engine (GRE), Issue is caused due to some stack overflow vulnerability in "CreateSizedDIBSECTION()" function in "shimgvw.dll" module. Attackers could exploit this vulnerability by luring users to view a malicious crafted thumbnail image.

Second issue is in Microsoft Internet Explorer 8 (IE8), almost all different flavours of MS has this latest browser. Issue is caused due to use-after-free error in mshtml.dll when processing circular references between JScript objects and Document Object Model (DOM) objects. Attackers can exploit this vulnerability by luring users to visit a crafted webpage or website.

After exploiting any of these vulnerabilities, attackers can take control of affected systems.

For more info, please follow the following links:

http://www.microsoft.com/technet/security/advisory/2490606.mspx
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AWin32%2FCVE-2010-3970&ThreatID=-2147325626
http://tools.cisco.com/security/center/viewAlert.x?alertId=22180
http://www.vupen.com/english/advisories/2011/0018
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3970
http://community.websense.com/blogs/securitylabs/archive/tags/CVE-2010-3970/default.aspx
http://www.securityfocus.com/bid/45662
http://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2011-0001
http://www.vupen.com/english/advisories/2011/0026
http://lcamtuf.coredump.cx/cross_fuzz/msie_crash.txt
http://lcamtuf.blogspot.com/2011/01/announcing-crossfuzz-potential-0-day-in.html
http://isc.sans.edu/diary.html?date=2011-01-05
http://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2011-0002
http://www.theregister.co.uk/2011/01/03/ie_0day_leaked/
at No comments:
Subscribe to: Posts (Atom)

Reporting Cyber Crime

            Govt. of India took great initiative by facilitating citizens with “National Cyber Crime Reporting Portal”  ( https://cybercrime...

  • Microsoft released workaround for DLL vulnerability
    Microsoft released workaround for DLL vulnerability Microsoft has released an advisory explaining the DLL preloading attacks and provides wo...
  • Fake prize call from +92**********
    Today early morning (12:07 AM), I got missed call from a number starts from +92 . I know about this number very well so didn't picked up...
  • Fake POS Devices
    Nowadays, hardware have become so cheap that cybercriminals can easily reproduce fake point-of-sale (POS) devices that can be used to skim ...