http://kb.digibase.ca/index.php?title=DBSA:2014-0005&feed=atom&action=history
DBSA:2014-0005 - Revision history
2024-03-28T16:06:17Z
Revision history for this page on the wiki
MediaWiki 1.31.1
http://kb.digibase.ca/index.php?title=DBSA:2014-0005&diff=560&oldid=prev
Kradorex Xeron at 23:43, 24 February 2014
2014-02-24T23:43:24Z
<table class="diff diff-contentalign-left" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">Revision as of 23:43, 24 February 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l14" >Line 14:</td>
<td colspan="2" class="diff-lineno">Line 14:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Last Modified:''' {{REVISIONTIMESTAMP}} by {{REVISIONUSER}}</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Last Modified:''' {{REVISIONTIMESTAMP}} by {{REVISIONUSER}}</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>'''Who should take note:''' All Windows Users</div></td><td class='diff-marker'>+</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>'''Who should take note:''' All Windows Users <ins class="diffchange diffchange-inline">and Administrators</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Classification==</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>==Classification==</div></td></tr>
</table>
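Review bot: On the changed "Who should take note" line, the audience is now "All Windows Users and Administrators", but the "Spread of Issue" rationale in the same advisory limits the affected population to users who have EMET installed and enabled. Consider wording the audience to match, or stating in the Classification section why the advisory addresses everyone on Windows.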
Kradorex Xeron
http://kb.digibase.ca/index.php?title=DBSA:2014-0005&diff=559&oldid=prev
Kradorex Xeron at 23:42, 24 February 2014
2014-02-24T23:42:36Z
<table class="diff diff-contentalign-left" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #222; text-align: center;">Revision as of 23:42, 24 February 2014</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l8" >Line 8:</td>
<td colspan="2" class="diff-lineno">Line 8:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Regarding:''' Microsoft Attack Mitigation Toolkit Vulnerability</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Regarding:''' Microsoft Attack Mitigation Toolkit Vulnerability</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>'''Writeup:''' [[User:Kradorex Xeron|Kradorex Xeron]] ([[User talk:Kradorex Xeron|talk]]) 18:38, 24 February 2014 (EST)</div></td><td class='diff-marker'>+</td><td style="color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>'''Writeup:''' [[User:Kradorex Xeron|Kradorex Xeron]] ([[User talk:Kradorex Xeron|talk]]) 18:38, 24 February 2014 (EST<ins class="diffchange diffchange-inline">) (report submitted by [[User:C|C]]</ins>)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Date:''' 2014 02 24</div></td><td class='diff-marker'> </td><td style="background-color: #f8f9fa; color: #222; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>'''Date:''' 2014 02 24</div></td></tr>
</table>
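Review bot: On the changed "Writeup" line, the reporter credit is appended after the signature timestamp, giving "(EST) (report submitted by [[User:C|C]])", which mixes the author's signature with the submitter's attribution. A separate header field for the reporter, alongside "Writeup" and "Date", would keep the two roles distinct and easier to read.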
Kradorex Xeron
http://kb.digibase.ca/index.php?title=DBSA:2014-0005&diff=557&oldid=prev
Kradorex Xeron: Created page with "{{DBSAHEAD | TITLE=Microsoft Attack Mitigation Toolkit Vulnerability | KEYWORDS=EMET, Enhanced Mitigation Experience Toolkit, Microsoft, Vulnerability }} '''DBSA ID:''' {{PAG..."
2014-02-24T23:38:11Z
<p><b>New page</b></p><div>{{DBSAHEAD<br />
| TITLE=Microsoft Attack Mitigation Toolkit Vulnerability<br />
| KEYWORDS=EMET, Enhanced Mitigation Experience Toolkit, Microsoft, Vulnerability<br />
}}<br />
<br />
'''DBSA ID:''' {{PAGENAME}}<br />
<br />
'''Regarding:''' Microsoft Attack Mitigation Toolkit Vulnerability<br />
<br />
'''Writeup:''' [[User:Kradorex Xeron|Kradorex Xeron]] ([[User talk:Kradorex Xeron|talk]]) 18:38, 24 February 2014 (EST)<br />
<br />
'''Date:''' 2014 02 24<br />
<br />
'''Last Modified:''' {{REVISIONTIMESTAMP}} by {{REVISIONUSER}}<br />
<br />
'''Who should take note:''' All Windows Users<br />
<br />
==Classification==<br />
<br />
'''Priority:''' MODERATE<br />
<br />
'''Rationale:''' Users must ensure they are not subjecting themselves to malware<br />
<br />
'''Severity:''' MODERATE<br />
<br />
'''Rationale:''' Users affected may be under a false sense of security<br />
<br />
'''Spread of Issue:''' SINGLE-PLATFORM MODERATE<br />
<br />
'''Rationale:''' All users who have EMET installed and enabled are affected.<br />
<br />
==Description==<br />
Microsoft has a security solution called "Enhanced Mitigation Experience Toolkit" (EMET) that it releases to protect potentially vulnerable software by preventing zero-day exploits from taking effect. A critical vulnerability has been located in EMET where an attacker can completely bypass the protections the software provides to install malware or perform alterations to the system. The discovered vulnerability effectively utilizes "detours" around the checks, thus bypassing the protections.<br />
<br />
* EMET 4.1 is vulnerable; prior versions are assumed to be vulnerable as well.<br />
<br />
==Mitigation/Solution==<br />
Users should be cautious at all times about what input or files they use with any software, and should not rely on security solutions as their sole protection. It is advised to only open files whose original source is known and whose legitimacy can be verified before using the file in any capacity.<br />
<br />
==References==<br />
* http://arstechnica.com/security/2014/02/new-attack-completely-bypasses-microsoft-zero-day-protection-app/<br />
* http://bromiumlabs.files.wordpress.com/2014/02/bypassing-emet-4-1.pdf (original source credit)<br />
<br />
[[Category:DBSA|2014]]</div>
Kradorex Xeron