TechBlog

Security News? Just a few clicks away

Tag Archives: 0-day

Oracle has released the patch for the Java 0-day exploit

We wrote about the Java 0-day exploit (CVE-2012-4681) and that there is no fix available from Oracle. In the meanwhile, we have added also detection for the exploit starting with t he engine  version 8.2.10.148 or higher. All Avira products detect this … Continue reading

0-day exploit for Java 1.7 (Update)

Recently a vulnerability in Oracle’s Java Runtime Environment (JRE) 1.7 was discovered that may allow an applet to execute any program with arbitrary permissions. The JRE framework allows any browser on any supported platform to execute Java applications called applets … Continue reading

Windows 0-day thoughts and protection

Currently the news about a Proof-of-Concept malware makes the rounds which is able to bypass the User Account Control (UAC) of Windows Vista / Windows 7 without user notification to gain privileged system access. In plain English: This exploit enables … Continue reading

Patchday ahead

The Redmond company today published its announcement for the upcoming November Patch Tuesday. Microsoft wants to release 3 security bulletins which deal with 11 security vulnerabilities within Office and PowerPoint (up to the brand new Office 2011 for Mac) and … Continue reading

Secure your Internet Explorer

Microsoft released a security advisory about a new 0-day vulnerability in all current versions of the company’s Internet Explorer – except for the not yet final Internet Explorer 9. The vulnerability exists within the processing of so-called cascading style sheets … Continue reading

Firefox Update fixes 0-day Vulnerability

The Mozilla Foundation just released Firefox 3.6.12 – and closed only 1 critical, previously unknown 0-day vulnerability in the web browser which was already actively abused on the Internet. The issue became public just a day ago, the developers had … Continue reading

New Firefox Exploit In-the-Wild

Our Virus Lab discovered an exploit for a newly discovered vulnerability in the Firefox web browser which was actively used on the infected Nobel Prize site earlier this week. The exploit using the vulnerability in Firefox 3.6 installed a Backdoor … Continue reading

Flash Player Updates fix 0-day-vulnerability

Adobe fixed the vulnerability in Flash Player in a record time again. Just one week after the 0-day became public and started to get exploited, an update is available to close the security hole. Even though Adobe Reader and Acrobat … Continue reading

0-day Flash Exploit in the wild

Adobe isn’t coming to rest. Now there is a new zero-day exploit in the wild exploiting a vulnerability in all current Flash Player versions. Adobe already has a security bulletin online; an update is announced for the week around the … Continue reading

Fix-it-Tool for IE-0-day

For the current vulnerability in Internet Explorer 6 and 7 which already gets actively exploited on the net, Microsoft is already testing a patch. The company is still considering whether to release the patch on the regular Patchday or out-of-band. … Continue reading