Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: G+ Digg Delicious Reddit Facebook Twitter StumbleUpon

[-]
Tags
windows devastating microsoft exploit flaws adobe combine hackers

Hackers Combine Microsoft, Adobe Flaws in Devastating Windows Exploit
#1
You are not allowed to view links. Register or Login to view.        Hackers Combine Microsoft, Adobe Flaws in Devastating Windows Exploit
Vulnerabilities already fixed by both companies this month
May 16, 2018 09:54 GMT  ·  By Bogdan Popa ·  Share:      
Two different vulnerabilities in Microsoft and Adobe software were used by hackers in a combined exploit targeting Windows systems before eventually being addressed by both companies in their patching cycles earlier this month.

Security vendor ESET says in an in-depth analysis that it discovered a malicious PDF on a public mirror that was supposed to be used for launching attacks against Windows hosts. The document included JavaScript code and a crafted JPEG2000 image to take advantage of vulnerability CVE-2018-4990 in Adobe Reader.

Successfully exploiting the remote-code execution flaw in this application would have provided attackers with rights ro read and write in memory.

In order to break the sandbox, hackers would have then turned to a second vulnerability documented as CVE-2018-8120 and representing a privilege escalation bug in Windows.

Fancy Bear-inspired approach
This time, the security issue affects the Win32k component, which can be hijacked to run arbitrary code on the compromised system, which technically means that hackers would have obtained full control over the target computer.

“The use of the combined vulnerabilities is extremely powerful, as it allows an attacker to execute arbitrary code with the highest possible privileges on the vulnerable target, and with only the most minimal of user interaction,” ESET security researcher Anton Cherepanov, who also discovered the vulnerabilities and reported them to parent companies, explained in the analysis.

There’s evidence, however, that the exploit was still under development when it was detected, as the PDF sample did not contain a final payload.

On the other hand, Cherepanov notes that combining exploits is a very advanced technique that hackers like the Russian group Fancy Bear is believed to be using. However, there’s no proof that Russian hackers have been involved in these attacks.

Microsoft and Adobe have already released patches for the two vulnerabilities combined in this exploit, so users are recommended to install them as soon as possible.
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Kaspersky Lab uncovers new exploited vulnerability in Microsoft Windows OS kernel Mohammad.poorya 1 120 01-08-2019 , 05:53 PM
Last Post: dinosaur07
  New Windows Zero-Day Exploit Comodo Cybersecurity mrtrout 0 88 10-31-2018 , 11:02 PM
Last Post: mrtrout
  Brazil Says Windows 10 Collects User Data Without Consent, Sues Microsoft mrtrout 0 209 04-26-2018 , 06:30 PM
Last Post: mrtrout
  Microsoft Outlook flaw let hackers steal your Windows password tarekma7 0 228 04-19-2018 , 06:57 PM
Last Post: tarekma7
  Microsoft to Retire Windows 10 Anniversary Update (Version 1607) Next Month Annivers mrtrout 0 216 03-15-2018 , 01:33 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)