Windows Critical Security Update- Remote Code Execution

A new vulnerability has been discovered that allows remote code execution by opening specially crafted documents or untrusted web pages which the OpenType fonts has been embedded. The target of this vulnerability are Windows Vista (SP2), Windows Server (2008 & 2012, Core Installation) and windows server (2008 & 2012) R2 (32/64), windows 7 (32/64), as well as Windows 8 and 8.1 and RT 8.0 and RT 8.1.

Metasploit Lovers:

Metasploit hasn’t updated their exploits for this vulnerability yet.

For more information refer to the following link:

https://technet.microsoft.com/en-us/library/security/MS15-078

Advertisements

Mail App of iOS 8.3, is vulnerable to Phishing attack

There is always a debate between Apple Lovers and Android or Windows OS fans. there is an wrong believe that iOS never get hacked, or virus, or this is the best product. several times I have showed in my classes how Apple devices, similarly may get hacked  as  windows or Android devices can be a target for hackers. Hereby, there is a news that shows how a phishing attack my cause Apple user to lose their iCloud credential over Maill app. This vulnerability can be findout on iOS 8.3. Phishing attack is one the most significant and fast track methods allows hackers to obtain credential information or remote attack and many more. The prove of Concept of this attack has been uploaded in youtube and the PoC code of it has been shared with github for learning purpose.