Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Microsoft Patches Hacking Team Windows Kernel Zero Day

Microsoft Patches Hacking Team Windows Kernel Zero Day


Microsoft has patched a zero-day vulnerability in the Windows kernel uncovered and exploited by Hacking Team. The zero day was found among the 400 GB of data stolen from the Italian surveillance software maker and posted online July 5. A trio of Adobe Flash Player zero days were also uncovered among the stolen data, the last of which were also patched earlier today. The vulnerability (CVE-2015-2387) in the Adobe Type Manager Font Driver (ATMFD) enables privilege escalation and code execution. The security update addresses the vulnerability by correcting how Adobe Type Manager Font Driver (ATMFD) handles objects in memory. It affects Windows Server implementations all the way back to Windows Server 2003. Microsoft rated the vulnerability “important” because it said an attacker would have to log into a target system and then run malicious code.
 
Source:
 
Threat Post
 
Security Week
 
The Register
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
 
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis