Tag: Remote Code Execution

Demo Exploit Code Published for Remote Code Execution via Microsoft Edge

Exploit code demonstrating a memory corruption bug in Microsoft’s Edge web browser has been published by the researcher that discovered and reported the vulnerability in the first place. The code can lead to remote code execution on unpatched machines.

The security bug affects Chakra, the JavaScript engine powering Edge, in a way that could allow an attacker to run on the machine arbitrary code with the same privileges as the logged user. Reported by Bruno Keith of the phoenhex team of vulnerability researchers, the flaw has been marked as having a critical impact by Microsoft on most operating systems it affects.

Read more about the Microsoft Edge RCE bug on BleepingComputer.

Microsoft Releases Out-of-Band Security Update for Internet Explorer RCE Zero-Day

Microsoft has released an out-of-band security update that fixes an actively exploited vulnerability in Internet Explorer.  This vulnerability has been assigned ID CVE-2018-8653 and was discovered by Google’s Threat Analysis Group when they saw the vulnerability being used in targeted attacks.

According to Microsoft’s security bulletin this is a vulnerability in how the Internet Explorer scripting engine handles objects in memory.  Attackers can use this vulnerability to corrupt memory in such a way that attackers could execute code under the security privileges of the logged in user.

Read more about the actively exploited vulnerability on BleepingComputer.

Apache Struts 2.3.x vulnerable to two year old RCE flaw

The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited for remote code execution attacks.

Apache Struts 2 is a widely-used open source web application framework for developing Java EE web applications. The Commons FileUpload library is used to add file upload capabilities to servlets and web applications. The vulnerability (CVE-2016-1000031) is present in Commons FileUpload versions before 1.3.3, and arose due to the inclusion of a Java Object that can be manipulated to write or copy files to disk in arbitrary locations.

Read more about the Apache Struts flaw on Help Net Security.

PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’

A new hacking technique used against vulnerable MikroTik routers gives attackers the ability to execute remote code on affected devices. The technique is yet another security blow against the MikroTik router family. Previous hacks have left the routers open to device failures, cyptojacking and network eavesdropping.

The hacking technique, found by Tenable Research is tied to the existing directory traversal bug (CVE-2018-14847) found and patched in April. That vulnerability was rated medium in severity. However, Tenable Research says it has recently found a new attack technique that exploits the same bug.

Read more about why Tenable researchers say the medium severity bug should now be rated critical on Threatpost.

Hacktivists Get Serious with Remote Code Malware

Security experts are warning of a new hacktivist campaign which goes further than merely defacing websites, by linking to malware which could allow for remote code execution by an attacker.

The group in question claims to be part of the ‘AnonGhostTeam’ collective which has targeted government and mass media sites in the past, Zscaler security researcher Chris Mannon explained in a blog post.

Read more about how the hacktivists are planning to use the remote code execution flaw to their campaign advantage on Info Security.