Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday October 23 2016, @12:34AM   Printer-friendly
from the stopped-in-their-tracks dept.

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.

Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.

Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a True Type Font to trigger the bug.

[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.

Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Sunday October 23 2016, @01:55PM

    by Anonymous Coward on Sunday October 23 2016, @01:55PM (#417838)

    Nope, AC editor is no good. Let's recruit more editors so editing can be more fun/interesting rather than being a chore.

    An idea, though. If you find nothing decent is in the queue, but feel some fresh meat is in need of posting, why not consider a personal write-up/editorial of editor's choice? Like "meta" posts about SN itself, but widen the scope to any subject an editor fancies and thinks it might be of interest to others. Such post, marked as such ("op-ed", "a not so deep thought", whatever), if posted once in a while, may add an interesting color to this site. Besides, it seems a reasonable perk for editors.

  • (Score: 2) by janrinok on Sunday October 23 2016, @03:30PM

    by janrinok (52) Subscriber Badge on Sunday October 23 2016, @03:30PM (#417865) Journal

    The op-ed idea has merit but might not be the whole solution. This weekend at least 12 of the approx 32 stories we need to fill the pages are from Arthur. There is nothing the 3 available eds could do to fill those slots if we have to write complete articles from scratch. The output from Arthur is far from ideal, but at least it does identify stories that are roughly in line with our aims and interests. And those editors are only available for a limited time each day - they have their own lives to live too.

    Let's recruit more editors so editing can be more fun/interesting rather than being a chore.

    We will probably make another bid for editors in the next few weeks. However, they each need individual training by an existing editor. While the job is not difficult and is interesting, getting to grips with the process is time consuming. But we accept that as simply being a part of the job. Although we might train 4 new editors, experience suggests that the likelihood of them all remaining as eds for longer than a couple of months is remote. If we can keep 1 we would be happy, and 2 would make life so much more easy for us. There is an expectation that each would make a contribution on an almost daily basis; this is quite a commitment to give and is even harder to achieve over weekends when people want to do other things.

    There are only 4 regular active editors at present which isn't many for 24/7 operating. A few more help when they can depending on other commitments. Of course, you might think that the solution is to only fill part of the day but which part? I'm in Europe, and I'm not going to support a site that is targeted only at our US audience. The full SN team is spread worldwide, as is our community, and everyone wants the opportunity to take part in discussions 'live' rather than look at what was said by any one particular geographic region. With over 6000 members I would hope that a few will be up for the challenge.