Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Microsoft Warns Of Zero-Day Vulnerability In Internet Explorer
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
DarkReadingTim
50%
50%
DarkReadingTim,
User Rank: Strategist
4/28/2014 | 5:08:43 PM
Re: Surprisingly relevant
There are still lots of older versions of IE out there, and they have lots of holes in them. :)  This particular vuln goes up to IE 11, though, so even more current versions may be at risk.
securityaffairs
100%
0%
securityaffairs,
User Rank: Ninja
4/28/2014 | 4:36:33 PM
Be aware the APT behind the attacks
The impact is very serious considering the diffusion of various versions of IE affected by 0-day. Anyway, I invite you to carefully consider that as highlighted by experts at FireEye, we are facing with a very prolific APT that had access to different zero-day exploits in the last months.

http://securityaffairs.co/wordpress/24403/cyber-crime/fireeye-new-zero-day-ie.html
IMjustinkern
50%
50%
IMjustinkern,
User Rank: Strategist
4/28/2014 | 3:45:53 PM
Surprisingly relevant
Lots of jokes on IE going around. It's not cool, it's not Chrome, sure ... but, in various versions, it's still in use. I'm always surprised by the IE 7 and older versions that pop up when I check Google Analytics traffic to my company's website. And hardly outdated, this has been the case of the last few places I've worked. Curious, Tim, does Dark Reading/IW still get lots of traffic from older versions of IE? 
<<   <   Page 2 / 2


News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1074
PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker with local system access may replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or...
CVE-2021-1075
PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of se...
CVE-2021-1076
PUBLISHED: 2021-04-21
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.
CVE-2021-1077
PUBLISHED: 2021-04-21
NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.
CVE-2021-1078
PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.