It’s an impressive milestone for Google — For the first time in decades, Android has been crowned as the world’s most popular operating system in terms of Internet usage, knocking Microsoft Windows off the top spot.
According to a new report from web traffic analytics firm StatCounter, Google’s Android is the most popular operating system worldwide in terms of total internet usage across
Google has once again publicly disclosed a zero-day vulnerability in current versions of Windows operating system before Microsoft has a patch ready.
Yes, the critical zero-day is unpatched and is being used by attackers in the wild.
Google made the public disclosure of the vulnerability just 10 days after privately reporting the issue to Microsoft, giving the chocolate factory little time
Microsoft’s August Patch Tuesday offers nine security bulletins with five rated critical, resolving 34 security vulnerabilities in Internet Explorer (IE), Edge, and Office, as well as some serious high-profile security issues with Windows.
A security bulletin, MS16-102, patches a single vulnerability (CVE-2016-3319) that could allow an attacker to control your computer just by
Hacker Mateusz Jurczyk from Google’s Project Zero disclosed 15 remote execution vulnerabilities, most of them for Windows and the Adobe Type Manager Font Driver. He presented his findings at the Recon security conference and aptly named his research “One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation”.
According to his blog the most serious and interesting security issue he discovered so far was a really reliable BLEND instruction exploit. Jurczyk writes that “the extremely powerful primitive provided by the vulnerability, together with the fact that it affected all supported versions of both Adobe Reader and Microsoft Windows (32-bit) – thus making it possible to create an exploit chain leading to a full system compromise with just a single bug – makes it one of the most interesting security issues I have discovered so far.”
He also shared two videos in which he shows how he successfully exploits the Adobe Reader 11.0.10 using the BLEND vulnerability (CVE-2015-3052), accompanied by sandbox escapes via ATMFD.DLL in the Windows Kernel as well as a “Registry Object” vulnerability on x64 builds (CVE-2015-0090).
Jurczyk reported all of his discoveres to Microsoft and Adobe which fixed the bugs in security bulletins MS15-021 (March), APSB15-10(May) and MS15-044 (May).
The post Time to Patch: Loads of Security Issues in Adobe Reader and Microsoft Windows appeared first on Avira Blog.