Critical Vulnerability Recaps

Introduction

When information security vulnerabilities are identified, the Internet Storm Center (ISC) develops, assembles, and distributes material to help the cyber security community manage these threats. For some of the more critical vulnerabilities, SANS hosts special webcasts led by ISC handlers to provide additional information. On this page, you can read an overview of some of the recent critical vulnerabilities, watch the related webcasts or go to the ISC to learn more about each vulnerability.


HTTP.sys Vulnerability Webcast

Recorded on April 16, 2015
Speaker: Dr. Johannes Ullrich

On Tuesday, April 14, Microsoft released MS15-034 as part of its monthly patch. The bulletin addresses a vulnerability in HTTP.sys, the library processing HTTP requests in Windows. According to Microsoft, the vulnerability could be used to run arbitrary code on a vulnerable host.

Among other programs, IIS uses HTTP.sys and is directly exposed to the exploit. As of the release date, trivial-to-execute exploits that cause an IIS server to crash have been made public, and a published analysis of the bug outlined an exploit to leak kernel memory.

SANS Institute hosted a live webcast where Dr. Johannes Ullrich discussed the exploit, why it happened, how to prevent exploitation and how prevalent its use has already become.

View Webcast Recording

HTTP.sys Vulnerability Information from Internet Storm Center

For the latest information about this vulnerability, including FAQs and ISC handler posts, please visit the ISC.


Wrapping Up The GHOST: Lessons Learned From The Ghost Vulnerability

A SANS Webcast, sponsored by Veracode
Recorded on Friday, February 6 at 1:00pm EDT

Wrapping Up The GHOST: Lessons Learned From The Ghost Vulnerability - with Johannes Ullrich and Chris Wysopal. In this presentation, we will explain what "Ghost" is all about, how to recognize vulnerable systems, and what can be done to mitigate risk. We will look beyond Ghost to explain how to quickly assess your exposure and build a comprehensive framework to address high-priority vulnerabilities.

View Webcast Recording

Ghost Vulnerability Information from Internet Storm Center

The SANS Internet Storm Center is on top of the critical glibc (Ghost) vulnerability, CVE-2015-0235. Johannes Ullrich, Dean of Research and a faculty member of the SANS Technology Institute, has produced a short video to help better understand the critical nature of this vulnerability and what can and should be done about it. Visit and stay connected with the Internet Storm Center for the very latest.