Posts Tagged ‘china’

Microsoft shocked: Local Kernel Privilege Escalation (0-day, 17 years old) + IE fixes.

Saturday, January 23rd, 2010

Microsoft shocked: Local Privilege Escalation in the Windows Kernel.

Do you remember Google vs China? Remember the bugs that allowed Chinese attackers to break into Gmail accounts and access confidential information?

Microsoft has confirmed a privilege-escalation vulnerability in the Windows kernel, one day after a Google engineer posted details of the flaw to the Full Disclosure mailing list.

Systems Affected:
All supported 32-bit versions of Windows. 64-bit versions, including Windows Server 2008 R2, are not affected.

Details:
The vulnerability is difficult to exploit, the risk to users is low, and the software giant is not aware of any public attacks exploiting the flaw.
To exploit this vulnerability, an attacker must already have local access to the system; they could then elevate their privileges to the administrative level and run programs of their choice on the system.

Advisory + exploit: (external link)
KiTrap0D

Internet Explorer – Remote Code Execution Vulnerability
On January 21 Microsoft is issuing an out-of-band fix for the Internet Explorer vulnerability behind the attacks that affected Google and other companies in China.

Internet Explorer 6/7/8 => Remote Code Execution

Tuesday, January 19th, 2010

Summary:
Microsoft is investigating reports of limited, targeted attacks against customers of Internet Explorer 6, using a vulnerability in Internet Explorer.

Affected:
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected. Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2, are vulnerable.

Vulnerability:
The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.
In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

NOTE: This is the vulnerability used by the Chinese attackers to spy on and compromise Gmail accounts.

The reality of phishing and the failure of global security.

Monday, July 6th, 2009

Yes, security. But unfortunately security is not only about hacking and hackers, nor only about high-security environments.
What, concretely, is the modern concept of security? I'm talking about security for everyone who uses the internet and net services, which in practice is delegated to giant corporations.
However, big business is focused on marketing and advertising, so it usually doesn't provide customers with the security they need.
Moreover, legislation is inefficient or obsolete; online transactions such as e-banking are very popular; there are many vulnerabilities that most service providers and browser vendors fail to catch; and spamming technology is very lamer-friendly. All of this encourages crackers into phishing and other illegal business.
Modern phishing uses social engineering, spam and fake websites, obviously under a spoofed identity, to convince victims to visit an exploited URL or to log in to a fake site that looks like the original.

Attackers exploit web browsers using 0-day bugs not yet fixed by vendors to install malware or infostealers, or they abuse dangerous web features such as ActiveX, Flash, JavaScript and XML, or techniques such as URL obfuscation, visual spoofing in modern browsers, clickjacking, cross-site scripting that steals account credentials, CSRF, and DNS server poisoning that sniffs password information even over an HTTPS connection.

There are many examples of phishing targets: PayPal, eBay, banks and so on.
There are many phishing locations: USA, Korea, China, Brazil and so on.
Old-school hackers aren't involved; the attackers are frequently script kiddies and crackers, and generally not proper coders. However, they are dangerous to normal users, very dangerous: even a fake login page can be fatal.
The law is impotent and obsolete, there is no content security policy, and normal users are unprepared and uninformed. So phishing is a catastrophic reality, in which hackers' exploits, sources and kits are used by script kiddies to rob victims. Well.