Weeks after a serious problem in the Chromodo browser were disclosed, Google’s Project Zero disclosed a separate privilege escalation issue in Comodo Internet Security introduced by the GeekBuddy support app.
Tag Archives: privilege escalation
Serious Linux Kernel Vulnerability Patched
The Linux security team today patched a critical privilege escalation vulnerability in the Linux kernel discovered by startup Perception Point.
Unsupported Honeywell Experion PKS Vulnerable to Public Attacks
Unsupported versions of Honeywell distributed control system software are vulnerable to publicly available remote exploits.
Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals
At Black Hat, researchers are expected to disclose new firmware attacks that work against OS X and self replicated to Thunderbolt peripherals.
Lenovo Patches Vulnerabilities in System Update Service
IOActive researchers disclosed details on three patched vulnerabilities in Lenovo’s System Update mechanism.
Default Setting in Windows 7, 8.1 Could Allow Privilege Escalation, Sandbox Escape
A default setting in both Windows 7 and 8.1 could allow local users to elevate privileges and in some situations, escape application sandboxes.
Patched Windows Kernel-Mode Driver Flaw Exploitable With One Bit Change
Details have been disclosed on a Windows kernel-mode driver privilege escalation vulnerability that was patched Tuesday by Microsoft.
Round 2: Google Deadline Closes on Pair of Microsoft Vulnerabilities
Google Project Zero has disclosed a pair of unpatched Windows vulnerabilities after the expiration of its 90-day deadline. Microsoft said it will patch one bug in February, and both sides agree the second does not merit a security bulletin.
Windows exploitation in 2014
Today, we published our research about Windows exploitation in 2014. This report contains interesting information about vulnerabilities in Microsoft Windows and Office patched over the course of the year, drive-by download attacks and mitigation techniques.
The post Windows exploitation in 2014 appeared first on We Live Security.