Author: Jim Walter

Jim Walter is manager of the McAfee Threat Intelligence Service (MTIS) for the Office of the CTO. He focuses on new threat research as well as the cataloging and maintenance of vulnerabilities and associated countermeasures. Walter has been with McAfee for more than 14 years and works extensively with the internal sales and support teams to provide knowledge and guidance around vulnerability and malware threats. He leads a global team of threat analysts and directs the content generated by this team: Security Advisories, countermeasure/detector feeds, Global Threat Intelligence apps, and more. Walter is a frequent speaker at industry events and conferences, and cohost of AudioParasitics – The Official Podcast of McAfee Labs.

On March 24, Microsoft released Security Advisory 2953095 for Microsoft Word. In-the-wild exploitation of this vulnerability has been observed across limited, targeted attacks. The flaw is a memory-corruption vulnerability that can be invoked when parsing specially crafted RTF files or data. Successful exploitation can give an attacker the ability to run arbitrary code (via remote […]

On February 19, Microsoft released Security Advisory (2934088) for Microsoft Internet Explorer. This vulnerability was previously reported by third parties during the second week of February 2014. In-the-wild exploitation has been observed dating back to (at least) early January 2014. Specifically, the flaw is a use-after-free condition during Internet Explorer’s processing of specific CMarkup objects. We […]

On February 4, Adobe released an out-of-band update for Adobe Flash Player. The update addresses a critical remote code execution vulnerability that is being actively exploited in the wild. The update applies to Windows, Mac OS X, and Linux. We are currently analyzing details and indicators. Watch this space for updates, indicators, and more information […]

January 21, 2014: As more information surrounding these events comes to light, we continue to identify and analyze additional components and behaviors. To shed more detailed light on the malware specific to these events, our team in McAfee Labs has released an updated Threat Advisory entitled “McAfee Labs Threat Advisory: EPOS Data Theft”. The […]

On November 27, Microsoft published Security Advisory 2914486, which covers an elevation of privilege vulnerability in certain versions of Windows XP and Windows Server 2003. The flaw lies in the NDProxy component of the Windows kernel. Exploitation requires that an attacker holds local login credentials. This threat is currently being exploited in limited and targeted […]