There has been a lot of activity since October’s Patch Tuesday. During that short period of time, Oracle released its quarterly CPU, including an update for Java JRE; Adobe resolved a zero-day in Flash Player; a security researcher identified a new form of attack called Atombombing, and there has been some rising discussion around the Server 2016 servicing model. The week following Patch Tuesday, the week of October 17th, Oracle released its quarterly CPU, resolving … More
Source: helpnetsecurity

Due to Google’s public release of information about an actively exploited Windows zero-day, Microsoft was forced to offer its own view of things and more information about the attack. The vulnerability is just one part of the attack chain leveraged by the Strontium (aka Fancy Bear, aka APT28) hacker group, which is widely believed to be behind the DNC and John Podesta email hacks, and backed by the Russian government. “This attack campaign, originally identified … More
Source: helpnetsecurity

Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7855) that is being actively exploited in the wild. According to Neel Mehta and Billy Leonard, of the Google Threat Analysis Group, it’s a local privilege escalation in the Windows kernel that can be used as a security sandbox escape, and can be triggered “via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to … More
Source: helpnetsecurity