Stories
Slash Boxes
Comments

SoylentNews is people

FruityArmor Hacking Group Juiced by Microsoft's October Patch Parade

posted by janrinok on Sunday October 23 2016, @12:34AM   Printer-friendly
from the stopped-in-their-tracks dept.

Arthur T Knackerbracket has found the following story:

Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero day vulnerability before Microsoft patched it last week.

Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.

Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a True Type Font to trigger the bug.

[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.

Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.

Original Submission

 
This discussion has been archived. No new comments can be posted.
FruityArmor Hacking Group Juiced by Microsoft's October Patch Parade | Log In/Create an Account | Top | 13 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Sunday October 23 2016, @03:45AM

    by Anonymous Coward on Sunday October 23 2016, @03:45AM (#417736)

    Not a bad idea. Run a system like pipedot pipe voting to cull the crap.