FireEye says that both Zero-Days are being exploited in the wild

Later today, as part of their monthly update, Microsoft will release nine bulletins, correcting problems in Internet Explorer, all of their currently supported operating systems, Office, SharePoint Server, and .NET.

Three of these bulletins are rated critical, and according to FireEye, one of them will fix two Zero-Day vulnerabilities that are being actively exploited in the wild.

FireEye’s research team identified the two Zero-Day vulnerabilities after seeing them used in targeted attacks “against some major corporations.”

The victims were not named, but FireEye pointed out that each Zero-Day was being used separately in unrelated attacks.

CVE-2014-4148 is a flaw in Microsoft’s TrueType Font (TTF) processing subsystem. Attackers are using an Office document to deliver the malicious TTF, which, when opened, enables kernel-mode access to the compromised host.

However, while Office documents are being used to deliver the TTF, the flaw itself does not reside in Office; this is an OS issue. FireEye says that both the 32-bit and 64-bit versions of Windows are impacted by the TTF flaw, but so far the attacks are only targeting the 32-bit versions.

The malware delivered after successful exploitation has specific functions depending on the operating system version, including Windows 8 / 8.1; Windows Server 2012 / 2012 R2; Windows 7; Windows Server 2008 R2 (SP 0 and SP 1); and Windows XP SP3.

The other Zero-Day vulnerability is CVE-2014-4113, which is a local elevation of privilege vulnerability. This flaw has been observed in attacks against Windows Server 2003/R2 & 2008/R2, Windows 2000, Windows Vista, and Windows XP SP3.

“[This] vulnerability cannot be used, on its own, to compromise a customer’s security. An attacker would first need to gain access to a remote system running any of the above operating systems before they could execute code within the context of the Windows Kernel.
Investigation by FireEye Labs has revealed evidence that attackers have likely used variations of these exploits for a while,” FireEye said in an emailed report on the flaws.

FireEye will be publishing further details later today on the vulnerabilities and how they’re being used by the attackers.

Microsoft, in a statement on Monday, said that both flaws would be fixed later today in MS14-058.

“On October 14, 2014, Microsoft released MS14-058 to fully address these vulnerabilities and help protect customers. We appreciate FireEye Labs using Coordinated Vulnerability Disclosure to assist us in working toward a fix in a collaborative manner that helps keep customers safe.”