exploit

The U.S. Computer Emergency Readiness Team has warned of a vulnerability in SAP GUI, the graphical user interface client in the German company's enterprise resource-planning software.

The unspecified flaw can cause Microsoft's Internet Explorer browser to crash in an exploitable manner. The flaw lies in an ActiveX control called MDrmSap, a component of SAP GUI.

US-CERT warned in an advisory, updated on Monday, that if users are fooled into viewing a specially crafted HTML document, external attackers might be able to gain control of their system, with their privileges.

A patch is available from SAP, through SAP … Read more

While Microsoft has labeled Thursday's emergency patch MS08-067 as "critical" and provided a rareout-of-cycle fix because its exploit could easily be used as worm on a compromised network, one security researcher doesn't think it will happen that way.

"It's likely we're going to see this packaged with some other attack." said Ben Greenbaum, senior research manager at Symantec. "A Web-based attack, for example. We're looking out for are exploits of this being bundled with client-side exploits or Trojans so that the worm can get past corporate firewalls and get … Read more

On Thursday, Microsoft announced four security bulletins for Tuesday. The announcement is intended as a heads-up for IT departments before Patch Tuesday. All four are considered critical, the most serious ranking offered by the software giant.

Among the critical patches, two affect Windows Media Player, one affects Windows, while the other affects Microsoft Office. All could enable remote code execution if exploited.

Starting next month, Microsoft will be sharing the technical details of new vulnerabilities to give software developers a catch to update affected products before the public announcement. Also in October, Microsoft will start providing each bulletin with an … Read more

Microsoft issued a security advisory late Tuesday that malicious attackers are targeting versions of its Office Excel with vulnerabilities.

Microsoft Office Excel 2003 with Service Pack 2; Excel Viewer 2003; Excel 2002; Excel 2000; and Microsoft Excel 2004 for the Mac are affected by the security vulnerabilities, according to the advisory.

People who open a malicious e-mail attachment or visit a malicious Web site may find that their systems are compromised and that arbitrary remote code is executed. Computers configured to allow the user to have administrative user rights are at greater risk that those with few user rights on … Read more

Grisoft, maker of AVG antivirus and Internet security software, on Wednesday announced the acquisition of Exploit Prevention Labs, maker of the LinkScanner family of safe Web-browsing applications.

Unlike other safe-surfing applications, which tend to rely on databases, LinkScanner uses technology that determines, as the page is downloaded onto your browser, whether it is tainted with malicious software.

In CNET Reviews testing, LinkScanner has detected recent changes on Web pages where other safe surfing applications, such as McAfee SiteAdvisor, has not. One limitation of LinkScanner is its inability to determine whether a page is fraudulent; LinkScanner determines only whether the page … Read more

Those of you who haven't yet installed a link scanning or Web site rating program for your Firefox or IE-based browser should hop to it--and consider using LinkScanner Lite when you do.

I've been using LinkScanner Lite and McAfee Site Adviser on both Firefox and IE browsers. Overkill? No way. Each program serves the greater goal of alerting you to dangerous links but differ in their approaches.… Read more

Security researchers on Tuesday found PHP exploit code embedded in a GIF on a major image hosting site. The exploit code slipped through the proverbial gates with the aid of a legitimate image at the beginning of the file, according to a posting on the Sans Internet Storm Center.

"It is a clever way to pass exploit code to others without it setting off alarms or attracting attention all while bypassing network security tools," the Sans security blog noted.

Malicious attackers planted PHP coded exploit script within an image file. PHP is often used as a programming language … Read more

As the automated Mpack attack continues to turn thousands of legitimate Web sites into compromised sites offering drive-by downloads of malicious software, security researcher Roger Thompson over at Exploit Prevention Labs reminds us there are other exploits compromising legitimate sites, and some are as easy to find as entering a simple search string on Google. For more than a week (starting before the current Mpack attack), Thompson has been posting a list of dangerous search strings on his blog site. I've collected these and indicated in parentheses some of the known exploits associated.

At least two sets of exploit code have been posted on the Internet for the security flaws in Yahoo Messenger 8 first disclosed on Wednesday by the security vendor eEye on Tuesday. The two exploits were posted on the Full Disclosure mailing list on Wednesday. One set of code shows how to cause buffer overflow in the Webcam ActiveX component. Another causes a buffer overflow in the viewer ywcvwr.dll. Both exploits were written by Danny.

This morning Yahoo released a patch for Yahoo Messenger, however, update is voluntary. Users will be prompted each time the application loads until the … Read more