Sundown exploit kit weaves Edge hack hole
Authors of the Sundown exploit kit have integrated a since-patched and limited Microsoft Edge vulnerability from a security firm's public proof-of-concept.
The addition of the twin bugs (CVE-2016-7200 and CVE-2016-7201) means unpatched users of one of the world's most unpopular web browsers are likely to be targeted by a wide cross-section of malware writers.
It is no cause for high concern for most Windows users: the Edge browser applies patches automatically by default, meaning fewer users would be affected, while improved exploit mitigations in Windows 10 frustrate criminals' ability to have malware execute.
Malware monitor Kafeine reported Sundown's use of the exploits, which were taken from a proof-of-concept released by Texas security startup Theori.
"I have been told that with Windows 10 (release 1607), Microsoft Edge has some quite strong mitigation," Kafeine says.
"No WinExec, no CreateProcess, no ShellExecute, meaning every child process creation is blocked.
"The proof-of-concept might need a little more magic powder to work."
The incorporation of the exploit into Sundown breaks the period of quiet in the exploit kit marketplace since the downing of Angler, then the world's reigning king of highly-capable exploit kits.
Spiderlabs hackers in September badged Sundown as the current champ in the exploit kit market, albeit one at least then more versed in copy and paste than original coding.