IE Time Element Memory Corruption Exploit (MS11-050)
28 August 2012
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability."
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.
A new report is describing major security and privacy issues in several leading wearable fitness tracking devices and accompanying mobile apps. The research examined offerings by Apple, Basis, Fitbit, Garmin, Jawbone, Mio, Withings, and Xiaomi.
There is no silver bullet to eliminate every single threat that could strike an organization. But what we can do is take bits and pieces away from the equation to make it challenging and more difficult for attackers to get a foothold in the organization.