BF-SIRT Newsletter 2017-19

The top stories from this week is how a bad bug in Microsoft’s Windows malware scanner can be used to install malware and how HP laptops include keyloggers in the Audio driver.

You can also read about three 0-days affecting Microsoft Office is actively exploited, and a new vulnerability exploiting the Linux kernel via packet sockets.

Top 5 security links
MsMpEng: Remotely Exploitable Type Confusion in Windows
Keylogger Found in Audio Driver of HP Laptops
EPS Processing Zero-Days Exploited by Multiple Threat Actors
Linux Kernel Packet Socket Vulnerability Exploit
Upcoming NIST Guideline Advocates Simpler Rules for Online Passwords