Russian security firm Group-IB claims to have uncovered a critical Adobe Reader vulnerability that is currently being exploited in the wild by attackers in order to circumvent the ubiquitous PDF viewer’s sandbox, a security feature Adobe first introduced as part of Reader X nearly two years ago. Even though this zero-day vulnerability is said to have a few “limitations”, they don’t seem to be crippling enough to stop it from being sold on the black market for anywhere between $30,000 and $50,000.
Throughout history, wars and plagues have wiped out entire cities and civilizations, leaving behind nothing but corpses and tears. Strangely enough, the same thing happened yesterday in World of Warcraft when hackers took advantage of an exploit that allowed them to march through various realms, destroying every character they came across, even non-player characters (NPCs).
On Tuesday, Microsoft issued a patch to plug a critical hole in Windows’ Remote Desktop Protocol. Fearing the possibility of an exploit being developed in the “next 30 days,” the company “strongly” advised the immediate deployment of this patch in a blog post detailing the said RDP vulnerability (CVE-2012-0002). Well, it seems that Microsoft was right about the vulnerability being highly attractive to hackers.
The Maximum PC Podcast keeps BS to a minimum while simultaneously supplying maxed-out levels of hijinks and information, but for you media-addicted types out there, one podcast a week might not fulfill your quota for listening pleasure. We understand if you turn to the excellent lineup of broadcasts put together by Leo Laporte and the awesome TWiT.tv team to catch up on your tech news, too, but you might want to pass on your regular visit to the TWiT.tv site this week; hackers have managed to slip some malicious code onto the site.
China's been catching a lot of grief lately for ruthlessly culling scores of websites from the Internet, but as it turns out, Google may have been unintentionally doing its part, too. Yesterday, James Breckenridge, the director of operations at UK Web Media, reported an exploit in Google's Webmaster Tools that allowed anybody to remove any website from Google's search results. And, as everybody knows, if you're not on Google, you might as well not even be on the Internet.
Google Chrome has amassed quite a favorable reputation for security with both users and security researchers. To its credit, it is the only web browser to have never been hacked at the annual Pwn2Own hacking competition. In fact, on the first day of this year’s Pwn2Own contest (Mar 9-11), Google even offered a $20,000 cash prize to anybody who could circumvent the browser’s sandbox “using vulnerabilities purely present in Google-written code.” While no one managed to claim the prize back then, researchers from French security firm VUPEN now claim to have finally “Pwnd Google Chrome and its sandbox.”
You know how things that are too good to be true usually are? Well, if you purchased a bunch of Microsoft Points on the cheap from eBay, Craigslist, or somewhere else in the secondhand market, there's a good chance they were falsely generated. Hackers figured out an algorithm to add to existing, used codes to get new MS points in 160-point increments. Hitting refresh would keep adding to the total.
In the grand scheme of things, relatively few people ever claim $20,000 for a day's worth of work. You can be one of them, provided you put your hacker hat on and attend the Pwn2Own contest next month. Google's challenge is this: Be the first to "pop [the Cr-48's Chrome] browser and escape the sandbox using vulnerabilities purely present in Google-written code" and the bounty, as well as the laptop, are both yours to keep, TippingPoint said in a blog post.
"If competitors are unsuccessful, on day 2 and 3 the ZDI will offer $10,000 USD for a sandbox escape in non-Google code and Google will offer $10,000 USD for the Chrome bug. Either way, plugins other than the built-in PDF support are out of scope," TippingPoint said.
TippingPoint has put up a total cash pool of $125,000 in this year's Pwn2Own contest, with only $20,000 coming from outside funding (Google). This is the first time Google has offered a cash prize as part of the event, though it's worth mentioning that Chrome was the only browser to remain unscathed during last year's contest.
Microsoft today issued an out-of-band security update to tackle a bug in ASP.NET that is being exploited in the wild. Following a public report of the vulnerability, the Redmond outfit confirmed the bug in a Security Advisory (2416728) on September 17. MS, in its advisory, had expressed concerns that hackers could use the Windows Web server flaw to “view data, such as the View State, which was encrypted by the target server, or read data from files on the target server, such as web.config.”
"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release is needed to protect customers, as we have seen limited attacks and continued attempts to bypass current defenses and workarounds," the company told the IDG News Service.
The fix covers all supported Windows versions. The update is currently only available through the company's download center, and not through Windows Update, meaning that it can only be installed manually.
"This is the first time we've released [an] update this way, but due to the nature of the active attacks and the severity of the potential loss of data, we are releasing the security update to the Microsoft Download Center first so customers (specifically large enterprises, hosting providers and ISVs) can begin updating their systems."
It's that time of the month again when Microsoft plugs some of the holes in its software. If the sheer number of vulnerabilities a Patch Tuesday addresses is the best way to gauge its significance, it does not get any bigger than this: MS is slated to release 14 security bulletins covering 34 vulnerabilities in Windows, Internet Explorer, Office and Silverlight.
But the record number of security bulletins will not include a fix for a recently revealed bug in the Windows kernel driver. The zero-day bug was reported by Gil Dabah (aka Arkon), an Israeli security researcher, who also published proof-of-concept exploit code on his site RageStorm.com. According to Jerry Bryant, Microsoft's group manager of response communications: "Microsoft is investigating reports of a possible vulnerability in Windows Kernel. Upon completion of the investigation, Microsoft will take appropriate actions to protect customers."
“This issue is caused by a buffer overflow error in the 'CreateDIBPalette()' function within the kernel-mode device driver 'Win32k.sys' when using the 'biClrUsed' member value of a 'BITMAPINFOHEADER' structure as a counter while retrieving Bitmap data from the clipboard, which could be exploited by malicious users to crash an affected system or potentially execute arbitrary code with kernel privileges,” reads an advisory issued by French security research firm VUPEN.
Microsoft has already addressed 13 Windows kernel bugs in 2010. According to security researcher Tavis Ormandy, who recently infuriated Redmond by hastily exposing a critical zero-day Windows bug, the company has been vulnerable to public kernel flaws for most of this year.
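The bug class in the VUPEN advisory quoted above is a length field from untrusted data ('biClrUsed') driving a copy loop with no upper bound. The following is an added example, not Microsoft's code and not taken from Win32k.sys: a user-space model with hypothetical names (`dib_header_t`, `rgbquad_t`, `copy_palette_checked`, `PALETTE_MAX`) showing the bounds checks such a counter needs before any palette data is copied.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PALETTE_MAX 256u            /* capacity of the destination table (assumed) */

/* Stand-in for the two BITMAPINFOHEADER fields the advisory is about. */
typedef struct {
    uint16_t biBitCount;            /* bits per pixel */
    uint32_t biClrUsed;             /* colour-table entries claimed by the sender */
} dib_header_t;

typedef struct { uint8_t blue, green, red, reserved; } rgbquad_t;

/* Copy the colour table described by hdr into dst.
 * src_entries is how many entries the source buffer really holds.
 * Returns the number of entries copied, or -1 if the header is rejected. */
int copy_palette_checked(const dib_header_t *hdr, const rgbquad_t *src,
                         uint32_t src_entries, rgbquad_t dst[PALETTE_MAX])
{
    uint32_t limit, count;

    /* This model handles only palettised 1-, 4- and 8-bit bitmaps. */
    if (hdr->biBitCount != 1 && hdr->biBitCount != 4 && hdr->biBitCount != 8)
        return -1;
    limit = 1u << hdr->biBitCount;                  /* 2, 16 or 256 */

    /* biClrUsed == 0 means "the maximum for this bit depth". */
    count = hdr->biClrUsed ? hdr->biClrUsed : limit;

    /* The untrusted counter must fit the format, the destination and the source. */
    if (count > limit || count > PALETTE_MAX || count > src_entries)
        return -1;

    memcpy(dst, src, (size_t)count * sizeof(rgbquad_t));
    return (int)count;
}

int main(void)
{
    /* Constructed sample: an 8-bit header claiming 65536 palette entries. */
    dib_header_t bad = { 8, 0x10000 };
    rgbquad_t src[256] = {{0}}, dst[PALETTE_MAX];
    printf("oversized biClrUsed -> %d\n", copy_palette_checked(&bad, src, 256, dst));
    return 0;
}
```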