Security News #0x70
- Last month saw the release of a new Metasploit module to exploit Internet Explorer, named "MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free". This one impacts IE 10 on Windows 7 (SP 1) and requires Flash Player 12 to be installed on the target. The underlying vulnerability is CVE-2014-0322, and the problem was patched in MS14-012. The technical issue is discussed in a blog post from HDW Security.
- Last month also saw the release of a Metasploit module to exploit Adobe Flash 11.5 prior to 11.5.502.149. The module works on Windows 7 SP 1, but only prior to MS13-063. The underlying problem is CVE-2013-0634; it affects more versions than the (Metasploit-exploitable) 11.5 versions.
- There is a large collection of writeups of various CTF challenges going up at SkullSecurity.org. Definitely worth a look if you want to compete in the various CTF events (and who doesn’t?). Also worth a look is the blog over at fail0verflow.
- Back in January, we mentioned the TCP/32764 backdoor present in a number of common routers. This caused a kerfuffle, and fixes were rolled out. Well, it seems that these fixes aren’t; rather than closing the backdoor, they hide it so that it does not open until a particular packet is sent. So says Ars Technica. You may wish to take a look at the .pdf presentation from Eloi Vanderbeken, who found the issue.
- The folks at Detectify were able to gain read access to Google production servers; the attack vector was an XML External Entity (XXE) attack against the toolbar.
- The first round of auditing for the TrueCrypt project is complete, and Ars Technica reports "no evidence of backdoors". For more details, check out the complete analysis from iSEC Partners and their announcement.
- The 2014 edition of Microsoft’s Threat Modeling Tool has been released.