Exploit code demonstrating a memory corruption bug in Microsoft’s Edge web browser has been published by the researcher that discovered and reported the vulnerability in the first place. The code can lead to remote code execution on unpatched machines.
Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer. This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google’s Threat Analysis Group when they saw the vulnerability being used in targeted attacks.
According to Microsoft’s security bulletin this is a vulnerability in how the Internet Explorer scripting engine handles objects in memory. Attackers can use this vulnerability to corrupt memory in such a way that attackers could execute code under the security privileges of the logged in user.
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited for remote code execution attacks.
Apache Struts 2 is a widely-used open source web application framework for developing Java EE web applications. The Commons FileUpload library is used to add file upload capabilities to servlets and web applications. The vulnerability (CVE-2016-1000031) is present in Commons FileUpload versions before 1.3.3, and arose due to the inclusion of a Java Object that can be manipulated to write or copy files to disk in arbitrary locations.
A new hacking technique used against vulnerable MikroTik routers gives attackers the ability to execute remote code on affected devices. The technique is yet another security blow against the MikroTik router family. Previous hacks have left the routers open to device failures, cyptojacking and network eavesdropping.
The hacking technique, found by Tenable Research is tied to the existing directory traversal bug (CVE-2018-14847) found and patched in April. That vulnerability was rated medium in severity. However, Tenable Research says it has recently found a new attack technique that exploits the same bug.
Read more about why Tenable researchers say the medium severity bug should now be rated critical on Threatpost.
Security experts are warning of a new hacktivist campaign which goes further than merely defacing websites, by linking to malware which could allow for remote code execution by an attacker.
The group in question claims to be part of the ‘AnonGhostTeam’ collective which has targeted government and mass media sites in the past, Zscaler security researcher Chris Mannon explained in a blog post.
Read more about how the hacktivists are planning to use the remote code execution flaw to their campaign advantage on Info Security.