On Episode 64 of The Edge of Innovation, we’re talking with entrepreneur Greg Arnette about new business technology and archiving for perpetuity.
A couple of months ago an RTF 0-day was used in attacks, and to bypass ASLR (Address Space Layout Randomization) it was using a non-ASLR module, MSCOMCTL.OCX. This got me interested in researching how it was actually loading up and discovering whether there were any more modules that could be used in the future, following the recent Microsoft bulletin MS14-024 that finally implemented ASLR on the module. I started with an exploit taken from Metasploit which exploits the Microsoft Word RTF Object Confusion vulnerability (CVE-2014-1761), patched in the April updates (MS14-017). This exploit uses the module MSCOMCTL.OCX to bypass ASLR, and what I needed was that part of the code, so I removed all other code, leaving it just to load the OCX file. …
Original Article Can be Found Here: