Posts Tagged 'vulnerability'
Threats and vulnerabilities are a way of life for IT admins. With the continued rise of computer and network attacks, the threat of a critical attack is virtually constant. With complex software it is all but guaranteed that there will be vulnerabilities for attackers exploit. And the sheer volume of attack vectors for attackers to […]
Recently we caught a malicious sample that exploits a PDF vulnerability–CVE-2013-3346, we believe–and executes after a use-after-free condition occurs. During our analysis we noticed that this PDF sample also exploits a zero-day local Windows vulnerability–CVE-2013-5065–to escalate privilege. This zero-day occurs in NDProxy.sys under Windows XP and 2003. The exploitation of this flaw is similar to […]