Articles
Vulnerability Spotlight: VMWare Workstation DoS Vulnerability
Today, Talos is disclosing a vulnerability in VMWare Workstation that could result in Denial of Service. VMWare Workstation is a widely used virtualization platform designed to run alongside a normal operating system, allowing users to use both virtualized and physical systems concurrently. Read Mor…
Microsoft Patch Tuesday — October 18: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, 12 of which are rated “critical,” 34 that are rated “important,” two that are considered to have “moderate”…
Vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator
Vulnerabilities discovered by Piotr Bania of Cisco Talos Talos is disclosing a pointer corruption vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator. OVERVIEW In order for the graphics to be produced, the graphics accelerators need to process the OpenGL scripts int…
Threat Roundup Sept 28 – Oct 5
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 28 and Oct. 5. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by h…
Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
Discovered by Aleksandar Nikolic of Cisco Talos Overview Cisco Talos is releasing details of a new vulnerability in Google PDFium’s JBIG2 library. An exploitable out-of-bounds read on the heap vulnerability exists in the JBIG2-parsing code in Google Chrome, version 67.0.3396.99. A specially cr…
BruCON Primer: 10 Years and Cisco Talos Talks
Cisco Talos will have a significant presence at the 10th edition of BruCON, which kicks off this week. Below, you will find the presentations that Talos researchers will give, along with a brief overview of the topics they will discuss. We are fortunate to have multiple speakers presenting this year…
Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integrat…
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview Cisco Talos is disclosing eightteen vulnerabilities in Foxit PDF Reader, a popular free program for viewing, creating and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin. <<READ MORE>>…
Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor
Vulnerabilities discovered by Cory Duplantis and Ali Rizvi-Santiago of Cisco Talos. Overview Cisco Talos is disclosing several vulnerabilities discovered in Atlantis Word Processor. Atlantis Word Processor is a portable word processor that is also capable of converting any TXT, RTF, ODT, DOC, WRI, o…