soft Microsoft-Vietnam Cement Anti-Piracy Deal By packetstormsecurity.com Published On :: Mon, 21 May 2007 19:52:16 GMT Full Article microsoft vietnam
soft Mozilla Just Doubled Its Payouts As It Tries To Attract Software Vulnerability Hunters By packetstormsecurity.com Published On :: Wed, 20 Nov 2019 15:01:32 GMT Full Article headline hacker flaw mozilla firefox
soft McAfee Buys Stonesoft Security For $389m By packetstormsecurity.com Published On :: Tue, 07 May 2013 14:31:04 GMT Full Article headline mcafee
soft Microsoft / McAfee Move To Gut Superfish From Lenovo Laptops By packetstormsecurity.com Published On :: Mon, 23 Feb 2015 15:28:43 GMT Full Article headline malware microsoft china mcafee backdoor cryptography
soft Microsoft And Symantec Take Down Batimal Botnet By packetstormsecurity.com Published On :: Thu, 07 Feb 2013 15:06:13 GMT Full Article headline malware microsoft cybercrime botnet symantec
soft Microsoft Windows NtUserSetWindowFNID Win32k User Callback By packetstormsecurity.com Published On :: Tue, 16 Jul 2019 20:32:16 GMT An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86. Full Article
soft Microsoft Windows 7 Build 7601 (x86) Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 26 Jul 2019 03:22:22 GMT Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit. Full Article
soft Microsoft Windows Internet Settings Security Feature Bypass By packetstormsecurity.com Published On :: Tue, 17 Sep 2019 16:50:38 GMT Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019. Full Article
soft Microsoft Windows 7 (x86) BlueKeep RDP Use-After-Free By packetstormsecurity.com Published On :: Tue, 19 Nov 2019 15:05:11 GMT Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit. Full Article
soft Microsoft Teams Instant Messenger DLL Hijacking By packetstormsecurity.com Published On :: Mon, 16 Dec 2019 15:58:17 GMT Microsoft Teams Instant Messenger application on Windows 7 SP1 fully patched is vulnerable to remote DLL hijacking. Full Article
soft Microsoft Windows 7 Screen Lock Shellcode By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 16:02:06 GMT 9 bytes small Microsoft Windows 7 screen locking shellcode. Full Article
soft Business Live Chat Software 1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Wed, 26 Feb 2020 17:02:22 GMT Business Live Chat Software version 1.0 suffers from a cross site request forgery vulnerability. Full Article
soft Apple, Samsung, Microsoft React To Wikileaks' CIA Dump By packetstormsecurity.com Published On :: Wed, 08 Mar 2017 14:22:09 GMT Full Article headline government microsoft usa data loss flaw spyware apple cia samsung
soft Microsoft Windows NtUserMNDragOver Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 08 May 2020 20:05:13 GMT This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008. Full Article
soft Microsoft Discloses Security Breach Of Customer Support Database By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 15:57:33 GMT Full Article headline hacker privacy microsoft data loss identity theft
soft Addressing Supply-Chain Risk Starts With People, Says Microsoft By packetstormsecurity.com Published On :: Sat, 10 Aug 2019 16:23:28 GMT Full Article headline microsoft conference
soft Microsoft VSCode Python Extension Code Execution By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 15:12:49 GMT Proof of concept exploit for a Microsoft VSCode python extension code execution vulnerability. Full Article
soft Microsoft Passport Cracked via Hotmail By packetstormsecurity.com Published On :: Mon, 05 Nov 2001 07:02:12 GMT Full Article microsoft email passport
soft Foreshadow And Intel SGX Software Attestation: The Whole Trust Model Collapses By packetstormsecurity.com Published On :: Wed, 15 Aug 2018 14:35:56 GMT Full Article headline flaw cryptography intel
soft 6 Men Admit To Running A Global $100M Software Piracy Ring By packetstormsecurity.com Published On :: Fri, 18 Dec 2015 21:03:17 GMT Full Article headline cybercrime fraud pirate
soft Navy Denies It Pirated 558K Copies Of Software By packetstormsecurity.com Published On :: Tue, 15 Nov 2016 00:59:36 GMT Full Article headline government usa fraud pirate
soft Packet Storm Exploit 2013-1022-1 - Microsoft Silverlight Invalid Typecast / Memory Disclosure By packetstormsecurity.com Published On :: Wed, 23 Oct 2013 00:55:43 GMT This exploit leverages both invalid typecast and memory disclosure vulnerabilities in Microsoft Silverlight 5 in order to achieve code execution. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected". Full Article
soft Packet Storm Advisory 2013-1022-1 - Microsoft Silverlight Invalid Typecast / Memory Disclosure By packetstormsecurity.com Published On :: Wed, 23 Oct 2013 01:03:08 GMT Microsoft Silverlight 5 suffers from invalid typecast and memory disclosure vulnerabilities that, when leveraged together, allow for arbitrary code execution. A memory disclosure vulnerability exists in the public WriteableBitmap class from System.Windows.dll. This class allows reading of image pixels from the user-defined data stream via the public SetSource() method. BitmapSource.ReadStream() allocates and returns byte array and a count of array items as out parameters. These returned values are taken from the input stream and they can be fully controlled by the untrusted code. When returned "count" is greater than "array.Length", then data outside the "array" are used as input stream data by the native BitmapSource_SetSource() from agcore.dll. Later all data can be viewed via the public WriteableBitmap.Pixels[] property. Exploitation details related to these findings were purchased through the Packet Storm Bug Bounty program. Full Article
soft Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access By packetstormsecurity.com Published On :: Tue, 26 Nov 2013 01:52:43 GMT This Metasploit module exploits a vulnerability on Microsoft Silverlight. The vulnerability exists on the Initialize() method from System.Windows.Browser.ScriptObject, which access memory in an unsafe manner. Since it is accessible for untrusted code (user controlled) it's possible to dereference arbitrary memory which easily leverages to arbitrary code execution. In order to bypass DEP/ASLR a second vulnerability is used, in the public WriteableBitmap class from System.Windows.dll. This Metasploit module has been tested successfully on IE6 - IE10, Windows XP SP3 / Windows 7 SP1 on both x32 and x64 architectures. Full Article
soft Microsoft Windows Firewall Disabling Shellcode By packetstormsecurity.com Published On :: Mon, 20 Apr 2020 23:02:22 GMT 644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service. Full Article
soft Microsoft Windows Kernel REG_RESOURCE_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:11:57 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries). Full Article
soft Microsoft Windows Kernel REG_RESOURCE_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:13:09 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (videoprt.sys descriptors). Full Article
soft Microsoft Windows Kernel REG_RESOURCE_REQUIREMENTS_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:14:27 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_REQUIREMENTS_LIST registry values. Full Article
soft Microsoft Windows Desktop Bridge Privilege Escalation By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:22:57 GMT Microsoft Windows suffers from a Desktop Bridge Virtual Registry arbitrary file read / write privilege escalation vulnerability. Full Article
soft Microsoft Windows Desktop Bridge Privilege Escalation By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:24:41 GMT Microsoft Windows suffers from a Desktop Bridge Virtual Registry NtLoadKey arbitrary file read / write privilege escalation vulnerability. Full Article
soft Microsoft Windows Desktop Bridge Virtual Registry Incomplete Fix By packetstormsecurity.com Published On :: Wed, 20 Jun 2018 00:01:00 GMT The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for CVE-2018-0880 (MSRC case 42755) did not cover all similar cases which were reported at the same time in the issue. Full Article
soft Microsoft Windows 10 UAC Bypass By computerDefault By packetstormsecurity.com Published On :: Mon, 22 Oct 2018 01:11:11 GMT This exploit permits an attacker to bypass UAC by hijacking a registry key during computerSecurity.exe (auto elevate windows binary) execution. Full Article
soft Microsoft Windows 10 User Sessions Stuck By packetstormsecurity.com Published On :: Tue, 30 Oct 2018 10:11:11 GMT This exploit modifies a windows language registry key which causes some windows binaries to stick, including login which makes the session unusable. The key is in HKCU and can be modified without admin rights, but with a bypass UAC, all user sessions can be paralyzed by using reg.exe and user's NTUSER.DAT. Full Article
soft Microsoft Windows .Reg File / Dialog Box Message Spoofing By packetstormsecurity.com Published On :: Mon, 11 Mar 2019 23:02:22 GMT The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful. Full Article
soft Microsoft Windows CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration By packetstormsecurity.com Published On :: Tue, 21 May 2019 23:00:00 GMT The Microsoft Windows kernel's Registry Virtualization does not safely open the real key for a virtualization location leading to enumerating arbitrary keys resulting in privilege escalation. Full Article
soft Microsoft Windows Kernel Privilege Escalation By packetstormsecurity.com Published On :: Fri, 28 Feb 2020 23:02:22 GMT This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tracing functionality used by the Routing and Remote Access service. The issue results from the lack of proper permissions on registry keys that control this functionality. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. Full Article
soft Ubisoft Sues Operators Of Four DDoS For Hire Services By packetstormsecurity.com Published On :: Tue, 21 Jan 2020 16:44:56 GMT Full Article headline denial of service
soft Microsoft Must Release Email Data Held On Dublin Server By packetstormsecurity.com Published On :: Mon, 28 Apr 2014 21:55:59 GMT Full Article headline government privacy microsoft email usa ireland
soft Microsoft Fights US Warrant For Customer Data Stored Overseas By packetstormsecurity.com Published On :: Wed, 11 Jun 2014 23:49:27 GMT Full Article headline government privacy microsoft usa ireland
soft Microsoft Refuses To Hand Over Foreign Data, Held In Contempt Of Court By packetstormsecurity.com Published On :: Fri, 12 Sep 2014 23:17:13 GMT Full Article headline government privacy microsoft usa data loss spyware ireland
soft Microsoft Fights Government Search Warrant By packetstormsecurity.com Published On :: Thu, 11 Dec 2014 22:54:53 GMT Full Article headline government privacy microsoft email usa ireland
soft Ireland Sides With Microsoft In Email Privacy Case By packetstormsecurity.com Published On :: Fri, 26 Dec 2014 15:39:00 GMT Full Article headline government privacy microsoft email usa ireland
soft Major Win For Microsoft In 'Free For All' Data Case By packetstormsecurity.com Published On :: Fri, 15 Jul 2016 04:51:36 GMT Full Article headline government privacy microsoft usa spyware ireland
soft Microsoft Mocks Google For Failed Security Fix Deployment Methodology By packetstormsecurity.com Published On :: Thu, 19 Oct 2017 14:17:08 GMT Full Article headline microsoft flaw google chrome
soft Microsoft's Bing Search Engine Inaccessible In China By packetstormsecurity.com Published On :: Thu, 24 Jan 2019 15:33:05 GMT Full Article headline government microsoft china censorship
soft Microsoft's GitHub Blocks Catalan Protest App By packetstormsecurity.com Published On :: Wed, 30 Oct 2019 15:36:48 GMT Full Article headline government microsoft spain censorship
soft Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow By packetstormsecurity.com Published On :: Fri, 14 May 2010 14:44:02 GMT This Metasploit module exploits a stack buffer overflow vulnerability in the handling of the TextBytesAtom records by Microsoft PowerPoint Viewer. According to Microsoft, the PowerPoint Viewer distributed with Office 2003 SP3 and earlier, as well as Office 2004 for Mac, are vulnerable. NOTE: The vulnerable code path is not reachable on versions of Windows prior to Windows Vista. Full Article
soft Microsoft Windows OpenType CFF Driver Stack Overflow By packetstormsecurity.com Published On :: Fri, 15 Apr 2011 14:28:37 GMT The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application. Full Article
soft Microsoft Windows Vista/Server 2008 nsiproxy.sys Denial Of Service By packetstormsecurity.com Published On :: Wed, 18 May 2011 09:09:09 GMT Microsoft Windows Vista/Server 2008 nsiproxy.sys local kernel denial of service exploit. Full Article
soft MS14-060 Microsoft Windows OLE Package Manager Code Execution By packetstormsecurity.com Published On :: Sat, 18 Oct 2014 00:42:31 GMT This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. Full Article