Tag Archives: 0-day
Oracle has released the patch for the Java 0-day exploit
We wrote about the Java 0-day exploit (CVE-2012-4681) and that there is no fix available from Oracle. In the meanwhile, we have added also detection for the exploit starting with t he engine version 8.2.10.148 or higher. All Avira products detect this … Continue reading
0-day exploit for Java 1.7 (Update)
Recently a vulnerability in Oracle’s Java Runtime Environment (JRE) 1.7 was discovered that may allow an applet to execute any program with arbitrary permissions. The JRE framework allows any browser on any supported platform to execute Java applications called applets … Continue reading
Windows 0-day thoughts and protection
Currently the news about a Proof-of-Concept malware makes the rounds which is able to bypass the User Account Control (UAC) of Windows Vista / Windows 7 without user notification to gain privileged system access. In plain English: This exploit enables … Continue reading
Patchday ahead
The Redmond company today published its announcement for the upcoming November Patch Tuesday. Microsoft wants to release 3 security bulletins which deal with 11 security vulnerabilities within Office and PowerPoint (up to the brand new Office 2011 for Mac) and … Continue reading
Secure your Internet Explorer
Microsoft released a security advisory about a new 0-day vulnerability in all current versions of the company’s Internet Explorer – except for the not yet final Internet Explorer 9. The vulnerability exists within the processing of so-called cascading style sheets … Continue reading
Firefox Update fixes 0-day Vulnerability
The Mozilla Foundation just released Firefox 3.6.12 – and closed only 1 critical, previously unknown 0-day vulnerability in the web browser which was already actively abused on the Internet. The issue became public just a day ago, the developers had … Continue reading
New Firefox Exploit In-the-Wild
Our Virus Lab discovered an exploit for a newly discovered vulnerability in the Firefox web browser which was actively used on the infected Nobel Prize site earlier this week. The exploit using the vulnerability in Firefox 3.6 installed a Backdoor … Continue reading
Flash Player Updates fix 0-day-vulnerability
Adobe fixed the vulnerability in Flash Player in a record time again. Just one week after the 0-day became public and started to get exploited, an update is available to close the security hole. Even though Adobe Reader and Acrobat … Continue reading
0-day Flash Exploit in the wild
Adobe isn’t coming to rest. Now there is a new zero-day exploit in the wild exploiting a vulnerability in all current Flash Player versions. Adobe already has a security bulletin online; an update is announced for the week around the … Continue reading
Fix-it-Tool for IE-0-day
For the current vulnerability in Internet Explorer 6 and 7 which already gets actively exploited on the net, Microsoft is already testing a patch. The company is still considering whether to release the patch on the regular Patchday or out-of-band. … Continue reading