Researchers at Bromium Labs are expected to deliver a paper today that explains how they were able to bypass all of the memory protection mitigations in Microsoft’s Enhanced Mitigation Experience Toolkit
Browsing Tag: Microsoft
Microsoft made a Fix-It tool available as a temporary mitigation for a zero-day vulnerability in Internet Explorer 10. The zero day is being exploited by two hacker groups.
The Internet Bug Bounty program, a cooperative effort among security experts and vendors, paid out its first $10,000 bounty this week for a serious Flash vulnerability. The flaw, which Adobe fixed in December, was a serious one that has been used in targeted attacks. Started in November, the Internet Bug Bounty is a system set[…]
Windows Error Reporting, or Dr. Watson, can be used to detect advanced exploits targeting organizations by fingerprinting exploit behaviors and correlating those with system or application crashes.
There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page.
Yang Yu’s submission to the Microsoft bug bounty program completely elude ASLR and DEP mitigations built into Windows, earning him $100,000.
Researcher Yang Yu was awarded $100,000 from Microsoft for writing three mitigation bypass variants as part of the company’s bounty program. Yu is the second $100,000 winner since the bounty program was launched last June.
A new campaign, dubbed Operation SnowMan, was been spotted leveraging a previously unknown zero-day in Internet Explorer 10 after the U.S. Veterans of Foreign Wars’ website was compromised this week.
Microsoft’s February 2014 Patch Tuesday security bulletins included the addition of two critical bulletins, including the first cumulative patches of the year for Internet Explorer.
The Microsoft bug bounty program has been a success so far and the company is looking for new ways to expand it in the future.