- Threat Encyclopedia
- Vulnerabilities
- Latest Security Advisories & Notable Vulnerabilities
Trend Micro researchers discovered a vulnerability that affects OS X below 10.11.3. It occurs by sending one special constructed IOConnectCallMethod requests to AppleGraphicsPowerManagement module. If an attacker sends a request once, Kernel memory heap corruption happens in method AppleGraphicsPowerManagement`AGPM:etBoost. As such, this would lead an attacker to execute arbitrary code with Kernel privileges.
While this vulnerability is not easy to exploit due to the lack of Kernel information leak and heap control, we recommend users to upgrade their OS X to latest version.
This vulnerability affects OS X below 10.11.3. It occurs by sending two special requests to IOAcceleratorFamily2 module. As such, an array overflow happens in method IOAccelDispalyMachine2::getFramebufferCount. This may lead to local privilege escalation. While this vulnerability is not easy to exploit, we advise users to upgrade their OS X to the latest version.
Trend Micro researcher Juwei Lin disclosed details about this vulnerability to Apple.
Trend Micro researchers discovered this vulnerability which is rated by Apple as ‘Critical.’ It affects OS X below 10.11.3 and iOS below 9.2.1. Once successfully exploited, an attacker can execute arbitrary codes with Kernel privileges. In addition, once attackers bypass KASLR using vulnerability, they can root the affected system and/or device when a user installs and runs a malicious app.
We advise users to update their systems and devices to the latest OS X and iOS versions.
Apple has released a security bulletin which covers several vulnerabilities, including CVE-2015-7076, which our security researcher, Juwei Lin discovered and reported to the said company. Apple has credited Lin for his research contribution.
All systems which run on Mac OS X below 10.11.2 (OS X El Capitan) and Intel Graphics Driver AppleIntelBDWGraphics can be affected by this vulnerability. Note, however, that there are certain systems that installed Intel Graphics Driver AppleIntelBDWGraphics by default.
A local privilege escalation vulnerability exists when Intel Graphics Driver handles a special request from usermode. This vulnerability could let the local user be able to execute arbitrary code with system privileges. While Apple rated this vulnerability low since they employ mitigation technologies such as SMAP/SMEP, an attacker with minimal knowledge of IOKit can develop an exploit to abuse this security hole.
In order for the attackers to infect the vulnerable system, users need to execute a program containing an exploit send via spam email. When users execute this malicious program, it gets local system privilege thus enabling the attackers to control the system. This local privilege escalation vulnerability is typically use as part of an entire attack to enable to bypass sandbox and gain system privilege to do further actions thus compromising its (system) security.
Users are advised to update their systems to the latest Mac OS version.
This vulnerability resides in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01. It allows attackers to execute arbitrary code or cause denial of service (DoS), thus compromising the security of the device.
Trend Micro researcher Peter Pi discovered and reported the details of the vulnerability to Google. The said company credited Pi for his research contribution.
This is a zero-day vulnerability in Adobe Flash Player is reportedly used by the Pawn Storm targeted attack campaign. The said vulnerability exists in Adobe Flash Player versions 19.0.0.207 and earlier for Windows and Mac operating systems.
Trend Micro researcher Peter Pi discovered and reported the details of the vulnerability to Adobe. The said company credited Pi for his research contribution.