Hacking Team exploits and new security features in Google Chrome and Microsoft Edge are just a few of the highlights of ESET’s annual Windows exploitation in 2015 report.
Today we are happy to announce our annual report called Windows exploitation in 2015. Readers who tracked our previous reports Windows exploitation in 2013 and Windows exploitation in 2014 may notice that in each new version of the report we try to highlight new security features introduced in Windows, web browsers and EMET. Along with this information, both previous reports contain information about vulnerabilities that have been fixed in various important Windows components, the .NET Framework and Microsoft Office. Our latest report is no exception.
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
Our main goal in writing these reports is to notify our customers, as well as other users, about the importance of installing updates to fix various unpatched (0day) vulnerabilities. We also provided information about ESET’s detections of in-the-wild exploits of these vulnerabilities. Such exploits are used by attackers to implement notorious drive-by download attacks.
The two previous reports mentioned above, together with another research paper called Exploit Protection for Microsoft Windows, give a comprehensive overview of various aspects of defensive and offensive technologies in Microsoft Windows, Internet Explorer, Google Chrome, and EMET. This information is useful for end-users because it enables them to see, from a technical point of view, how attackers achieve their goals and what methods have been introduced in Windows to help users stay safe from such attacks. Below we list some of that content:
- Statistics about vulnerabilities that have been fixed in Microsoft Windows, .NET Framework, and Office, with information about the most common exploitation vectors.
- Description of so-called drive-by download and Local Privilege Escalation (LPE) attacks.
- Information about detection by ESET security products of 0days exploited by attackers in drive-by and LPE attacks, whether delivered in malware or via other vectors.
- Comprehensive information about security features in Internet Explorer and how users can use those features to protect themselves.
- Explanation of the infamous use-after-free (UAF) attacks.
- Detailed information on how to mitigate drive-by attacks with EMET.
- Information about the Google Chrome sandbox.
The new report includes the following information:
- Hacking Team exploits.
- New security features in Google Chrome.
- New security features in Microsoft EMET tool and Edge web browser.
We didn’t want to repeat information already provided in previous reports, and so in the new version of the report we concentrated on various security improvements in the listed products. The section about Hacking Team summarizes detections of our AV products for exploits used by this cybergroup, as well as for their backdoor DaVinci (Morcut). This was developed for almost all existing platforms, including Windows, Android, Linux, OS X, iOS.
Artem Baranov, malware researcher, ESET Russia
A 'zero-day' bug discovered in the latest version of Mac OS X has been exploited by real-world malware before Apple has been able to release a patch.
The problem, revealed in public last month by security researcher Stefan Esser, relates to error-logging features introduced in OS X 10.10. The code lacks safeguards that would prevent attackers from creating files with destructively wide-ranging privileges anywhere in the OS. If exploited, the flaw, known as 'DYLD_PRINT_TO_FILE', would give attackers the ability to install anything on an OS X system without using a password, opening up seemingly endless types of potential fraud.
At the time it was disclosed, the exploit was purely hypothetical. Not anymore: Malwarebytes reports the flaw has already been exploited for real.
In a blog post Malwarebytes' Adam Thomas claims to have discovered a malicious installer that was able to install VSearch and MacKeeper junk programs without needing a password. 'This is obviously very bad news,' he writes. 'Unfortunately, Apple has not yet fixed this problem, and now it is beginning to bear fruit.'
The hope among researchers was that Apple would be able to fix the bug before the hackers used it. Esser even released his own kernel extension to protect against the attacks, though installing that comes with obvious risks.
Esser incurred criticism for releasing the news, because reports suggest he did not tell Apple before making it public, as is standard practice among security researchers. Esser has rejected the criticism, saying that Apple, not he, should be blamed, since he merely released news of the bug.
As it turns out, Apple knew about the flaw already -- another researcher had clued them in and not made it public -- and the exploit does not work in beta versions of OS X 10.11, suggesting a fix is on the way for other versions of 10.10. As of now, though, any OS X user remains vulnerable. 'Worse, there is no good way to protect yourself, short of installing Esser's software to protect against the very flaw that he released into the hands of hackers worldwide, which introduces some serious questions about ethics and conflict of interest,' Thomas writes. 'Hopefully, this discovery will spur Apple to fix the issue more quickly.'
Apple has not yet commented on the bug, but we will update this post when a fix has been released.