Kaspersky Lab researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero-day vulnerability before Microsoft patched it last week.
Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.
Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a TrueType font to trigger the bug.
[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.
Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.
(Score: 2) by Runaway1956 on Sunday October 23 2016, @03:07AM
We need to open up staff positions to AC. Go ahead, PM the staff and tell them that you want in!
(Score: 0) by Anonymous Coward on Sunday October 23 2016, @03:45AM
Not a bad idea. Run a system like pipedot pipe voting to cull the crap.