Security News #0x77
- Metasploit has a new privilege escalation exploit for Internet Explorer that allows the attacker to move out from protected mode. The exploit is called MS14-009 .NET Deployment Service IE Sandbox Escape. The vulnerability was patched by MS14-009, while the vulnerability is CVE 2014-0257.
- Public exploit code attacking Internet Explorer 8 bypassing ASLR, DEP and EMET has been released. The underlying flaw is CVE 2012-1876.
- Registration for CSAW 2014 is now open. THe first qualifying round runs September 19-21, 2014.
- Those students still working their way through the interview process may be interested in some interviewing tips.