ie


Summary This month Microsoft patched two vulnerabilities which were discovered and reported by me, one is an information disclosure vulnerability in Internet Explorer (IE) (CVE-2016-0059 in MS16-009), the other is a memory corruption vulnerability in Microsoft Office (CVE-2016-0055 in MS16-015). In this blog, we will provide in-depth analysis of CVE-2016-0059. The vulnerability exists because Microsoft Hyperlink Object Library improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability... [Read More]
by RSS Kai Lu  |  Feb 19, 2016  |  Filed in: Security Research
[Read More]
by RSS Michael Perna  |  Jul 26, 2014  |  Filed in: Industry Trends & News
The Isolated Heap for DOM objects included in the Microsoft Patch Tuesday for June 2014 was just a fire drill aimed at making the exploitation of use-after-free (UAF) vulnerabilities more difficult. The patch for July 2014, however, has been quite a shock to exploit developers! In this release, Microsoft showed some determination in fighting back against UAF bugs with this improvement - the introduction of a new memory protector in Microsoft Internet Explorer, which would make exploitation of UAF vulnerabilities extremely difficult. An Overview... [Read More]
by RSS Zhenhua 'Eric' Liu  |  Jul 16, 2014  |  Filed in: Security Research
Exploit developers should be very excited recently; lots of big bombs have been dropped to the community. In February, Yang Yu was awarded the Microsoft mitigation bypass bounty, the top prize in Microsoft Bounty Programs. He talked about parts of his mitigation bypass in his presentation at CanSecWest 2014. However, the most interesting part - the so-called "Vital Point Strike" - was just left as blurred pages in his slides. Soonafter, another security researcher, Yuki Chen, published ExpLib2, which is Yuki's exploitation library for Internet... [Read More]
by RSS Zhenhua 'Eric' Liu  |  Jun 16, 2014  |  Filed in: Security Research
[ This article originally appeared in Virus Bulletin ](http://www.virusbtn.com/virusbulletin/archive/2014/01/vb201401-Medfos) <br/>Medfos is a heavily obfuscated trojan family which downloads modules capable of redirecting search engine results in the most popular browsers, including Chrome, Firefox and Internet Explorer. Its main module, the downloader, was found to be distributed via the Sasfis botnet. This article dissects the way the Medfos downloader deploys its downloaded modules, and the function of each. <p style="text-indent:... [Read More]
by RSS Benjamin Chang  |  Mar 12, 2014  |  Filed in: Security Research
Microsoft's Internet Explorer 10 is the most secure web browser according to the results of a mid-May 2013 NSS Labs' analysis. Apple Safari 5, Google Chrome 25/26, Internet Explorer 10, Mozilla Foxfire 19 and Opera 12 were all evaluated against malware downloads and socially engineered malware. Results show that Chrome's malware download protection improved significantly, up to more than 83 percent from a 70 percent performance in NSS' October 2012 analysis, Browser Comparative Analysis Report - Socially Engineered Malware. IE earned a block rate... [Read More]
by RSS Stefanie Hoffman  |  Jul 30, 2012  |  Filed in: Industry Trends & News