Hackers Combine Microsoft, Adobe Flaws in Devastating Windows Exploit
#1
https://news.softpedia.com/news/hackers-...1149.shtml
Vulnerabilities already fixed by both companies this month
May 16, 2018 09:54 GMT · By Bogdan Popa
Two different vulnerabilities in Microsoft and Adobe software were used by hackers in a combined exploit targeting Windows systems before eventually being addressed by both companies in their patching cycles earlier this month.

Security vendor ESET says in an in-depth analysis that it discovered a malicious PDF on a public mirror that was supposed to be used for launching attacks against Windows hosts. The document included JavaScript code and a crafted JPEG2000 image to take advantage of vulnerability CVE-2018-4990 in Adobe Reader.

Successfully exploiting the remote-code execution flaw in this application would have provided attackers with rights to read and write in memory.

In order to break the sandbox, hackers would have then turned to a second vulnerability documented as CVE-2018-8120 and representing a privilege escalation bug in Windows.

Fancy Bear-inspired approach
This time, the security issue affects the Win32k component, which can be hijacked to run arbitrary code on the compromised system, which technically means that hackers would have obtained full control over the target computer.

“The use of the combined vulnerabilities is extremely powerful, as it allows an attacker to execute arbitrary code with the highest possible privileges on the vulnerable target, and with only the most minimal of user interaction,” ESET security researcher Anton Cherepanov, who also discovered the vulnerabilities and reported them to parent companies, explained in the analysis.

There’s evidence, however, that the exploit was still under development when it was detected, as the PDF sample did not contain a final payload.

On the other hand, Cherepanov notes that combining exploits is a very advanced technique that hackers like the Russian group Fancy Bear are believed to be using. However, there’s no proof that Russian hackers have been involved in these attacks.

Microsoft and Adobe have already released patches for the two vulnerabilities combined in this exploit, so users are recommended to install them as soon as possible.