Thanks Wisdom Sent from my iPad > On Feb 26, 2016, at 12:29 PM, Wisdom Donkor <[log in to unmask]> wrote: > > Dear All, > > Malicious websites are exploiting a recently fixed vulnerability in Microsoft's Silverlight application framework to perform drive-by malware attacks on vulnerable visitor devices, a security researcher has determined. > > The critical code-execution vulnerability, which Microsoft patched last month, was actively exploited for two years in attack code owned by Italy-based exploit broker Hacking Team. As Ars reported last July, the Silverlight exploit came to light following a hack on Hacking Team's network that exposed gigabytes worth of private e-mails and other data. Researchers with Russian antivirus provider Kaspersky Lab later discovered the vulnerability being exploited in the wild and privately reported it to Microsoft. > > Now, exploit code for the patched vulnerability is being distributed through Angler, one of several toolkits that criminals use to seed websites with code that carry out drive-by attacks. > > Please find attached advisory > > Kind Regards > > > WISDOM DONKOR (S/N Eng.) > ICANN Fellow / ISOC Member, IGF Member, Diplo Foundation > OGP Working Group Member, Africa OD Working Group Member > E-government and Open Government Data Platforms Specialist > National Information Technology Agency (NITA) > Ghana Open Data Initiative (GODI) > Post Office Box CT. 2439, Cantonments, Accra, Ghana > Tel; +233 20 812881 > Email: [log in to unmask] > [log in to unmask] > [log in to unmask] > Skype: wisdom_dk > facebook: facebook@wisdom_dk > Website: www.nita.gov.gh / www.data.gov.gh > www.isoc.gh / www.itag.org.gh > > <Microsoft Silverlight Vulnerability_CERT-ADV10426022016.pdf>