Title | FruityArmor Hacking Group Juiced by Microsoft's October Patch Parade
Date | Sunday October 23 2016, @12:34AM
Author | janrinok
from the stopped-in-their-tracks dept.
Kaspersky Labs researcher Anton Ivanov says an advanced threat group was exploiting a Windows zero-day vulnerability before Microsoft patched it last week.
Microsoft says the graphics device interface vulnerability (CVE-2016-3393) allowed attackers to gain remote code execution and elevation of privilege powers.
Ivanov's analysis reveals a hacking group dubbed FruityArmor was exploiting the vulnerability in chained attacks, using a TrueType font to trigger the bug.
[...] The attack saw browser sandboxes broken and higher privileges attained before a second payload executed with the newly-acquired higher access privileges.
Windows 10's efforts to push font processing into a special user mode that restricts privileges did not stop the exploit.
printed from SoylentNews, FruityArmor Hacking Group Juiced by Microsoft's October Patch Parade on 2024-04-28 01:38:10