Security News #0x53
- We have a couple of new exploits in Metasploit attacking Windows targets, though it looks like the updates have not yet propagated downstream to Kali. The first attacks Internet Explorer via a use-after-free in how the cursor is handled. The problem is CVE 2013-3205, and was patched in MS13-069.
- The second problem is a vulnerability in both XP and Server 2003; the issue here is how the system handles themes. These specify the path for the screen saver; if this is modified to point to a remote malicious file, well, bad things happen. The vulnerability is CVE 2013-0810, and it was patched in MS13-071.
- We also mention a new Metasploit module that affects OpenEMR 4.1.1 Patch 14. OpenEMR is an open source tool for electronic medical records; it was featured in the 2012 Mid-Atlantic Collegiate Cyber Defense Competition.
- The folks at Spider Labs have a fantastic piece called Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network. Definitely worth a read!
- If you want to know more about Armitage’s Team Server, you want to get the definitive word.
- Gareth Owen has done some analysis of the FBI Tor malware.
- An exploit is circulating that affects Internet Explorer. The underlying vulnerability has the designation CVE 2013-2893. A Fix-It is available, and Microsoft has some of the technical details available. News of the attack has made a couple of places, including Threatpost and Ars Technica. The latter of these has one of my favorite lines for the week: " … readers are advised to install the Fix it, particularly if they use Internet Explorer regularly to browse websites." Hmmm, are there other uses of Internet Explorer? ☺
- We also have a (somewhat older) vulnerability (CVE 2013-3174) in Windows that can be triggered when a .gif file is viewed in any number of ways, including in Internet Explorer. Exploit code is now available in CANVAS.
- It appears that there is a way to bypass the lock screen on iOS 7, at least in a limited way. The piece from Ars Technica is worth a read.