Re: Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

Posted by Stefan Kanthak on Dec 31

Mitja Kolsek <lists () acrossecurity com> wrote:

About 4 years earlier Microsoft published
<https://technet.microsoft.com/en-us/library/953818.aspx> in response
to <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540>,
and Will Dormann from CERT/CC published
<https://insights.sei.cmu.edu/cert/2008/09/carpet-bombing-and-directory-poisoning.html>
a little later.

I’d rather say that Microsoft didn’t…

Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allow arbitrary (remote) code execution

Posted by Stefan Kanthak on Dec 31

Hi @ll,

TrendMicro_MAX_10.0_US-en_Downloader.exe (available from
<http://trial.trendmicro.com/US/TM/2016/TrendMicro_MAX_10.0_US-en_Downloader.exe>)
loads and executes ProfAPI.dll and UXTheme.dll (and other DLLs
too) eventually found in the directory it is started from
(the “application directory”).

For software downloaded with a web browser the application
directory is typically the user’s “Downloads” directory:…

Microsoft will Inform You If Government is Spying on You

Following in the footsteps of Twitter, Facebook and Google, Microsoft promises to notify users of its e-mail (Outlook) and cloud storage (OneDrive) services if government hackers may have targeted their accounts.

The company already notifies users if an unauthorized person tries to access their Outlook or OneDrive accounts. But from now on, the company will also inform users if it suspects