Tavis Ormandy, a security researcher at Google, has discovered a zero-day in Kaspersky and FireEye anti-virus.
Will mail report after dinner.
So, about as bad as it gets.
Kaspersky tell me they’re rolling out a fix globally right now, that was less than 24hrs.
FireEye remote root file system access 0day https://t.co/YabpDIkj6d
?
?
?
????????????????
FireEye Unauthenticated Command Injection remote root 0day at module ?
The paste on pastebin states, FireEye appliance, unauthorised remote root file system access.
Oh cool, web server runs as root!
After eliciting no response from FireEye/Mandiant, he decided to offer the zero-days to the highest bidder.
He already seems to have received one offer for the zero-days.
@h3rm4ns3clooking for that follow back plz
Mr.Moo (@Alshomranimoham)September 7, 2015
Read More
source: www.techworm.net
