Web2Secure: Web Security Blog

We are non-funded group of security enthusiast who contributes and updates to community with latest security treats. Use and handle whatever links shared within website could be harmful to your systems with own risks. Feel free to use the contents for commercial or non-commercial purposes. We're very appreciating if using our useful information’s to your website by referring back to this original website. Donation or clicking on ads is most welcome to continue maintains costs for this website.

Sunday, July 5, 2009

MPEG2-BDATuningModelMPEG2TuneRequest exploits ** tsunami attack waves in China

Security vendor 360 in China had mentioned that lots of their country legitimate websites were compromised to host Microsoft MPEG2 0Day attack. Around 967 website and 7740 IP address were compromised according 360, and number visits still increasing above 150663. The target systems mainly on platform Windows XP version compare to Vista, Windows 2008 or Windows 7. Although this exploits has similarity to DirectShow and triggered through browsers. However, this exploit not require any media files to trigger execution and must prefered among attacker.

The exploit was disclosed in few security websites blog expecially in China but not in milw0rm or packetsecurity yet.

Exploits code can be obtain from:

http://xeye.us/blog/2009/07/microsoft-directshow-mpeg2tunerequest-stack-overflow-exploit/

Coming....i will share more on how from the legitimate website to malicious website.

Web2Secure: Web Security Blog

Pages

Sunday, July 5, 2009

MPEG2-BDATuningModelMPEG2TuneRequest exploits ** tsunami attack waves in China

0 comments: