An integer overflow vulnerability exists in the Libarchive library included in Microsoft Windows. The vulnerability is due to insufficient bounds checks on the block length of a RARVM filter used for Intel E8 preprocessing, included in the compressed data of a RAR archive.
A remote attacker could exploit this vulnerability by enticing a target user into extracting a crafted RAR archive. Successful exploitation could result in arbitrary code execution in the context of the application using the vulnerable library.
Read more…
Source: Zero Day Initiative
Related:
- Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove
January 13, 2021
Google researchers have detailed a major hacking campaign that was detected in early 2020, which mounted a series of sophisticated attacks, some using zero-day flaws, against Windows and Android platforms. Working together, researchers from Google Project Zero and the Google Threat Analysis Group (TAG) uncovered the attacks, which were “performed by a highly sophisticated actor,” Ryan ...
- Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes
January 12, 2021
Microsoft addressed 10 critical bugs, one under active exploit and another publicly known, in its January Patch Tuesday roundup of fixes. In total it patched 83 vulnerabilities. The most serious bug is a flaw in Microsoft’s Defender anti-malware software that allows remote attackers to infect targeted systems with executable code. Security experts are warning that Windows ...
- macOS malware used run-only AppleScripts to avoid detection for five years
January 12, 2021
For more than five years, macOS users have been the targets of a sneaky malware operation that used a clever trick to avoid detection and hijacked the hardware resources of infected users to mine cryptocurrency behind their backs. Named OSAMiner, the malware has been distributed in the wild since at least 2015 disguised in pirated (cracked) ...
- Investigation launched into vulnerabilities found within US Judiciary case file system
January 8, 2021
The United States Judiciary has announced an audit into its systems, following concerns its case file system has been compromised. In making the announcement, the Judiciary said the Administrative Office of the US Courts was working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary’s Case Management/Electronic Case Files ...
- Nvidia releases security update for high-severity graphics driver vulnerabilities
January 8, 2021
Nvidia has released a round of security fixes tackling high-severity issues in the Nvidia GPU display driver and vGPU software. Released on Thursday, the technology giant said the patches deal with issues that “may lead to denial of service, escalation of privileges, data tampering, or information disclosure.” In total, Nvidia has resolved 16 vulnerabilities linked to the ...
- Windows PsExec zero-day vulnerability gets a free micropatch
January 7, 2021
A free micropatch fixing a local privilege escalation (LPE) vulnerability in Microsoft’s Windows PsExec management tool is now available through the 0patch platform. PsExec is a fully interactive telnet-replacement that allows system admins to execute programs on remote systems. PsExec tool is also integrated into and used by enterprise tools to remotely launch executables on other ...