Big day for exploits
- Nearly 90 percent of Android devices vulnerable to endless reboot bug.- Exploits a flaw in Android media players when running .mkv files only.
- The vulnerability affects Android versions 4.0.1 to 5.1.1
- Google has already patched the vulnerability.
- Revamped RIG exploit kit infects 1 million PCs (27,000 PCs each day).- http://www.scmagazine.com/revamped-rig-exploit-kit-infects-pcs/article/430923
- Zero-day exploit hits fully patched Macs- OS X 10.10 has a vulnerability that allows hackers to install malware without system passwords.
- The problem lies with a new error-logging feature in OS X, which can be exploited by cyber-criminals to create files with root privileges onto a target Mac without requiring system passwords.
- The hackers are able to modify sudoers file and can install adware like VSearch, Genieo package variations and MacKeeper.
- The vulnerability exists in Apple’s current OS X 10.10.4 and recent beta versions of OS X 10.10.5, but not early builds of OS X 10.11.
- Apple has not released a patch yet.
- Following third-party kernel extension is said to provide a fix for FreeBSD (which Mac OS is based on).