vulnerability

February 2018

On February 1st, Adobe published bulletin APSA18-01 for CVE-2018-4878, describing a use-after-free (UAF) vulnerability affecting Flash versions 28.0.0.137 and earlier. As of February 6th, Adobe has patched the issue in version 28.0.0.161 (APSB18-03). This post provides an overview of the vulnerability, walks through the exploit seen in the wild, and covers several detection mechanisms.

October 2017

On October 9th, 2017, SensePost researchers posted a technique demonstrating macro-less command execution in Microsoft Office documents through Dynamic Data Exchange (DDE). While variations of this technique are known, the post sheds light on the fact that Microsoft has no intent to address the matter and that "exploit" creation is trivial. This post provides an overview of the vulnerability and a mitigation, covers sample hunting, and dissects a few interesting samples gathered during the week.