exploit

Wed
09
Sep
Dennis Faas's picture

Zero-day Attack

A zero-day or "0day" attack is a computer threat that tries to exploit computer application vulnerabilities for which no security fix is yet available. Zero-day exploits are used by attackers before the software vendor knows about the vulnerability. ... The term derives from the age of the exploit. When a vendor becomes aware of a security hole, there is a race to close it before attackers discover it or the vulnerability becomes public. A "zero day" attack occurs on or before the first or "zeroth" day of vendor awareness, meaning the vendor has not had any opportunity to disseminate a security ... (view more)

Fri
29
May
Dennis Faas's picture

Click Carefully: New DirectX Exploit in the Wild

Another remote hacker threat has arisen, and this time it affects popular streaming media tool DirectX. Microsoft announced yesterday that it is currently working on a fix for the security exploit, which could allow someone to take total control of ... a system by using malicious QuickTime video files. DirectX Exploit: Affected Users The exploit involves Microsoft's audio/video sourcing/rendering software DirectShow and the way it handles the QuickTime format files it supports. Users of Windows 2000 Service Pack 4, Windows Server 2003, and Windows XP are those most affected and will want to keep ... (view more)

Mon
04
May
Dennis Faas's picture

Malware

Malware (a portmanteau of "malicious software") is any software program developed for the purpose of causing harm to a computer system, similar to a virus or Trojan horse. Malware can be classified based on how it is executed, how it spreads, and/or ... what it does. The classification is not perfect, however, in the sense that the groups often overlap and the difference is not always obvious, giving rise to frequent flame wars. Overuse of the term 'Virus' Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of ... (view more)

Thu
03
Jan
Dennis Faas's picture

Spyware Goons Exploit Benazir Bhutto's Death

Think CNN and the major network news agencies are the only ones quick to jump on breaking international events? Think again. Only hours after the tragic announcement of the assassination of former Pakistani Prime Minister Benazir Bhutto, malware ... creators had already crafted an exploit to take advantage of curious web users. A number of security companies are reporting the widespread exploit, including McAfee, Symantec, and WebSense. According to this group, at least ten sites on Blogger.com (Google's primary blog service) were, as of the day of Bhutto's assassination, spreading a fake video ... (view more)

Wed
28
Dec
Dennis Faas's picture

Exploit Computer Security

An exploit is a common term in the computer security community to refer to a piece of software that takes advantage of a bug, glitch or vulnerability, leading to privilege escalation or denial of service on a computer system. There are several ... methods of classifying exploits. The most common is by how the exploit contacts the vulnerable software. A 'remote exploit' works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A 'local exploit' requires prior access to the vulnerable system and usually increases the privileges of the person ... (view more)

Mon
22
Aug
Dennis Faas's picture

Malware

Malware Malware , or "malicious software" is a generic term used to describe various types of malevolent programs. Below are some of the most common forms of malware. Virus Viruses have used many sorts of hosts. When computer viruses first ... originated, common targets were executable files that are part of application programs and the boot sectors of floppy disks. More recently, most viruses have embedded themselves in e-mail as Email attachments, depending on a curious user opening the viral attachment. In the case of executable files, the infection routine of the virus arranges that ... (view more)

Fri
03
Dec
Dennis Faas's picture

Which email attachments are safe to open?

Infopackets Reader Polly B. writes: " Dear Dennis, I've downloaded and successfully installed Service Pack 2 onto my computer. The only complaint I have so far is that Outlook Express is so security tight, that a lot of the email messages I have put ... aside (with file attachments) now cannot be opened. I went in and took off the Outlook Express Security 'do not allow me to open potentially dangerous attachments' option, and now everything is OK. I felt safe in choosing to disable this 'security features' because I use Norton Security which blocks potentially malicious email attachments. My ... (view more)

Thu
30
Sep
Dennis Faas's picture

Windows Security Exploit: Jpeg of Death

Yesterday, I came across a very interesting article posted by p2pnet.net which details a recent exploit in MS Windows, called "jpeg of death.c v.05". In summary: on September 17th, 2004, a proof-of-concept exploit was discovered that could ... potentially execute malicious code on the victim's computer when viewing a JPG file image file using Internet Explorer; at the time, however, the exploit only crashed Internet Explorer. On September 24th, a new variant of the exploit appeared, responsible for running potentially malicious code if an infected .jpeg file was downloaded from the ... (view more)

Wed
30
Jul
Dennis Faas's picture

Internet Explorer MSHTA Security Threat

I'd like to discuss a security threat which was recently discovered in Internet Explorer. Mike Healan of Spywareinfo.com forwarded an article to me today. The article urges all Windows users to take the necessary precautions to secure their browsers ... from a nasty exploit recently discovered in Internet Explorer. The exploit allows hackers to gain control of a system and execute harmful code. http://www.spywareinfo.com/articles/htasploit/ Without further adieu, here is the article by Mike Healan (edited): -- Members of the SWI support forums have uncovered a very nasty flaw in Internet Explorer ... (view more)

Tue
02
Jul
Dennis Faas's picture

Windows Media Player Vulnerability Security Issue -- Q320920

Woops! It looks like Microsoft has goofed again. If you haven't been watching the news lately (maybe you don't get CNN?) -- Microsoft has released a security bulletin ( Q320920 ) regarding a critical flaw in Windows Media Player which can allow an ... attacker to gain unrestricted access to your system. Who is affected? Anyone who is using Windows Media Player version 6.4, 7.1 or Windows Media Player for Windows XP (version 8) should download a software patch to their system immediately. Side note: A software patch is piece of software that fixes a program (which is also software). In this case, ... (view more)

Pages

Subscribe to RSS - exploit