Security News 0x0F

• Last week the FBI issued a warning that attackers are using the internet connection in hotel rooms to serve up malware.
• Nicolas Economou at Core Security has a nice piece that shows how the heap corruption in MS12-034 can be exploited. Great reading!
• Here is an older post that shows that (a) you can use group policy to create a local user account on a domain member and (b) this is a bad idea, as the password for that account is almost trivially hackable.
• Eric Romang has a new post on exploiting Firefox 7/8 via CVE 2011-3658.