Home / Archives for Haifei Li / Page 2

More from Haifei Li

McAfee Labs

A Close Look at RTF Zero-Day Attack CVE-2014-1761 Shows Sophistication of Attackers

A serious RTF zero-day attack has struck recently. McAfee detection solutions were provided a couple of days ago that allowed us to spot in-the-wild attacks. We detected this exploit on Wednesday. McAfee Labs researchers have been actively working on this threat. In this post, we will share our perspective on ...

McAfee Labs

RTF Attack Takes Advantage of Multiple Exploits

This is a joint analysis by Haifei Li, Stanley Zhu, and Jun Xie of McAfee Labs Recently, the rich text format has provoked new interest in the security industry due to a critical RTF zero-day (CVE-2014-1761) exploit found in the wild. McAfee Labs has investigated this threat. As usual, we ...

McAfee Labs

McAfee Labs Detects Zero-Day Exploit Targeting Microsoft Office

Last Thursday morning (October 31), our Advanced Exploit Detection System (AEDS), which we discussed in an earlier post, detected a suspicious sample targeting Microsoft Office. After some investigation, we confirmed this is a zero-day attack. Considering the importance of this incident, we shared our findings immediately with the Microsoft Security ...

McAfee Labs

New Zero-Day Attack Copies Earlier Flash Exploitation

Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the wild. This attack exploits a previously unpatched Internet Explorer vulnerability (CVE-2013-3163). It’s interesting that the vulnerability was just patched in this month’s Patch Tuesday (July 9), which is perhaps only ...

McAfee Labs

Tracking PDF Usage Poses a Security Problem

Update on May 2 Adobe has confirmed this vulnerability and has scheduled a patch release for May 14.   Looking back this year’s RSA Conference, you might have the feeling that the current threat landscape is primarily a series of advanced attacks. This concept includes well-known advanced persistent threats (APTs) ...

McAfee Labs

A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability

On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this vulnerability in its latest security update on October 8. Our research team rapidly responded to this threat with an in-depth analysis of the root cause and the degree of exploitability. ...

Subscribe to McAfee Securing Tomorrow Blogs