Vulnerability Note VU#561288: Adobe Flash ActionScript 3 ByteArray use-after-free vulnerability. Original Release date: 07 Jul 2015 | Last revised: 07 Jul 2015. Overview: Adobe Flash Player contains a vulnerability in the ActionScript 3 ByteArray class, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description: Adobe Flash Player versions 9.0 through version 18.104.22.168 contain a use-after-free vulnerability in the AS3 ByteArray class.
Last week I received another malicious document with an embedded payload encoded with base64. A bit tired of repeating the same manual operations to extract and decode base64 content, I quickly wrote a small Python script to help me. base64dump.py searches through the given file for base64 strings (delimited by non-base64 characters), and produces a report like this one: Here is a video of the tool in action.
Yesterday I mentioned that McAfee quarantine files on Windows (.BUP extension) are actually OLE files. I'm going to write a couple of diary entries highlighting some file types that are OLE files, and I [...] As you can see, this quarantine file contains two streams: Details and File_0.
If you use Apple products — on Mac or PC — know that today is Apple Patch Day. The popular software company released six security advisories (originally five, but they had a late breaking advisory) fixing many security flaws in most of their most popular products. Watch today’s video to learn which products are affected, and what you should patch (or check the Reference section for a link to the page with all the details).
After last week's story, hopefully you've got your problem user accounts identified.
I'm sure most of you are familiar with the EICAR (European Institute for Computer Antivirus Research) test file. Your anti-virus application should detect the EICAR test file the same way it detects malicious files. But it is a test file, so of course, the EICAR file is not malicious.
PowerShell has gotten a lot of attention lately as a pentester's tool of choice, since it has access to pretty much every low-level system function in the Microsoft ecosystem, and the AV industry isn't dealing well with that yet (aside from ignoring PowerShell completely, that is). But what about day-to-day system administration?