Microsoft Malware Protection Center
Threat Research & Response Blog
Tagged Content List
An analysis of Dorkbot’s infection vectors (part 2)
In part 1 of this series, we talked about Dorkbot and its spreading mechanisms that required user interaction. In this post, we'll talk about how Dorkbot spreads automatically, via drive-by downloads and Autorun files. Spreading vectors not requiring user interaction: Drive-by downloads and Autorun...
21 Nov 2012
A technical analysis of Adobe Flash Player CVE-2012-0779 Vulnerability
Recently, we've seen a few attacks in the wild targeting a patched Adobe Flash Player vulnerability. The vulnerability related to this malware was addressed with a recent patch released by Adobe on May 4th. On the Windows platform, Flash Player 22.214.171.124 and earlier is vulnerable. If you're using...
24 May 2012
An interesting case of Mac OSX malware
In June 2009, Microsoft issued security update MS09-027, which fixed a remote code execution vulnerability in the Mac version of Microsoft Office. Despite the availability of the bulletin (and the passage of time), not every machine is up to date yet – which is how nearly three years later, malware...
30 Apr 2012
A tangled web...
The moment of infection, and the circumstances that lead to the introduction of malware to a system, are often not obvious. This short case study examines our observations and investigations into a particular example that illustrates a fairly typical method of compromise that is played out countless...
27 Apr 2012
Analysis of the Eleonore exploit pack shellcode
'Eleonore' is a malware package that contains a collection of exploits used to compromise web pages. When the compromised web pages are viewed via vulnerable systems, the exploit payload is run. Eleonore is purchased by an attacker from an underground website. The attacker then gains access to Internet...
20 Apr 2012
Get gamed and rue the day...
As we discussed last week, socially engineered threats are specially crafted threats designed to lure the eye and trick the mind - they look legitimate or benign, and in worst case, may take advantage of a trusted relationship, by utilizing a compromised account or familiar website. Social engineering...
25 Oct 2011
SIRv11: Putting Vulnerability Exploitation into Context
As Vinny Gullotto, our GM, blogged earlier in the week, the 11th edition of the Security Intelligence Report (SIRv11) has been released. One of the new areas of research in this release is a study of the most prevalent kinds of vulnerability exploitation and how much of that exploitation is 0-day (short...
13 Oct 2011
A Technical Analysis on the Exploit for CVE-2011-2110 Adobe Flash Player Vulnerability
On June 14, Adobe released updates and a security bulletin (APSB11-18) referencing attacks affecting Adobe Flash Player (versions 10.3.181.23 and earlier). These attacks have been observed as hosted on webpages containing malformed SWF files. We spent some time analyzing this Flash Player vulnerability...
1 Jul 2011
Microsoft Safety Scanner detects exploits du jour
We recently updated the Microsoft Safety Scanner - a just-in-time, free cleanup tool. The new version adds support for 64-bit Windows systems and also allows for the download of the tool to run in non-networked systems such as those behind an air-gap network, those within an ISP's walled garden...
25 May 2011
Dead code walking
24 May 2011
Slick links linked to slinky Winwebsec
I received a spam email from a friend lately after which I immediately notified him of a potential malware infection. He insisted his technician had taken care of the infection once and for all. After I returned from my vacation I received another three spam mails from him. This time...
3 May 2011
Analysis of the CVE-2011-0611 Adobe Flash Player vulnerability exploitation
About a month ago, we blogged about an Adobe Flash Player vulnerability (CVE-2011-0609) that was actively exploited in the wild. That exploit was hidden inside a Microsoft Excel document. Over the weekend, a new Adobe Flash Player 0-day (CVE-2011-0611) was reported by Adobe in a recent advisory...
12 Apr 2011
7 Mar 2011
Nobel Prize site hacked, delivers malware
27 Oct 2010
Have you checked the Java?
Whilst working on our normal data pull and analysis for the Microsoft Security Intelligence Report (v9 - released last week), I embarked on a mini discovery mission on the exploit data that MMPC detects with our antimalware technology. Although the main focus of antimalware software is on traditional...
18 Oct 2010
© 2013 Microsoft Corporation.