CVE-2013-1300 ( MS13-053 )
* 1337day : Windows NTUserMessageCall Win32k Kernel Pool Overflow
* MWRLabs : MWR Labs Pwn2Own 2013 Write-up-Kernel Exploit
* Microsoft Security Advisory :: 2850851
* Publish Data : 2013.07.09 / 2014.05.06 (Free)
* Patched : 2013.07.12
* Damage Version : windows XP 이상 전버전 ( winlogon.exe )
* Impact : RCE
| Internet Explorer (0) | 2014.04.28 |
|---|
* Pastebin : 기존 IE 취약점 정리
- 테스트 환경
[ Target ]
IP : 192.168.10.203
System : Windows XP SP2 IE8
[ Attacker ]
IP : 192.168.10.219
System : BackBox 3.13 / Metasploit 4.9.0
CVE-2014-1776
* HackerNews : New Zero-Day Vulnerability CVE-2014-1776 Affects all Versions of IE
* Microsoft Blog : More Details about Security Advisory 2963983 IE 0Day
* Microsoft Security Advisory :: 2963983
* Publish Date : 2014.04.26
* (Reserved) Patched : 2014.05.13
* Damage Version : IE 6 ~ 11 ( All Versions )
* Impact : RCE
Patched
* HackerNews : Microsoft Patches Internet Explorer Zero-Day Vulnerability, Even for Windows XP
* 보안 뉴스 : IE 보안패티 적용 후, 0x80020009 오류코드 해결 방법
Attack
* CNN : Defense, Energy, Banks hit by IE bug
* V3.co.uk : Hackers target Windows XP users with IE attacks
* the Register : Hackers ZERO IN on ZOMBIE XP boxes : Get patching, IE8 users
| Windows Kernel (0) | 2014.05.07 |
|---|
|
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 |
