History of Client-Side Exploits and Latest Trends

Client-side vulnerabilities and attacks abusing those vulnerabilities have been around for years. In fact, one of the earliest security bulletins (MS98-011) listed in Microsoft’s security bulletin search fixed an IE4 client-side vulnerability in JScript parsing. However, the attacks of 1998 were more often vulnerabilities having direct attack vectors, rather than those abusing client-side vulnerabilities. On the Windows platform, client-side vulnerabilities have become more prominent only in the last few years. In this section, we’ll take a short trip down memory lane to look at some of the more prominent vulnerabilities used by attackers to infect victims with malware. If you’re more interested ...

Get Gray Hat Hacking, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.