CVE-2013-3893 | Breaking Cybersecurity News | The Hacker News

Japanese most popular word processing software ' Ichitaro ' and Multiple Products are vulnerable to a zero day Remote Code Execution Flaw Vulnerability, allowing the execution of arbitrary code to compromise a user's system. According to assigned CVE-2013-5990 ,  malicious attacker is able to gain system access and execute arbitrary code with the privileges of a local user. The vulnerability is caused due to an unspecified error when handling certain document files. " We confirm the existence of vulnerabilities in some of our products. " company blog says. In a blog post, Antivirus Firm Symantec confirmed that in September 2013, they have discovered attacks in the wild attempting to exploit this vulnerability during, detected as  Trojan.Mdropper , which is a variant of  Backdoor.Vidgrab . Researchers mentioned that  Backdoor.Vidgrab variant was used as a payload for a watering hole attack exploiting the Microsoft Internet Explorer Memory

October is turning out to be a busy month for patches. This month also marks the 10-year anniversary of the Patch Tuesday program, which Microsoft started in October of 2003. Scheduled for tomorrow, Microsoft has announced that they will release eight security updates including four critical, addressing vulnerabilities in Microsoft Windows, Internet Explorer (IE), Microsoft Office and its other products. Bulletin 1 is almost certainly to a zero-day vulnerability   CVE-2013-3893   that has been actively exploited by hackers in targeted attacks.  Though Microsoft issued a temporary " Fix it " in September for the vulnerability, Bulletins 2, 3 and 4 address vulnerabilities in a wide range of Microsoft products, including Windows XP, 7 and 8, and Windows Server 2003, 2008 and 2012. Bulletins 5, 6 and 7 address vulnerabilities that could allow for remote code execution .  Bulletin 8 addresses an information disclosure vulnerability in SIlverlight and is the le

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo