Hello, welcome to the Thursday, May 31st, 2018 edition of the Sansonet Storms and Stormcast. My name is Johannes Ulrich and today I'm recording from Jacksonville, Florida.

Trent Micro's Seraday initiative released an advisory making public a remote code execution vulnerability in Windows JScript.

This means that essentially an attacker would be able to execute code using malicious JavaScript.

Now I think there are two reasons why you shouldn't really be panicking about this disclosure.

First of all, while this does execute code, it is still limited by

the browser sandbox, so you would need a second exploit to break out of the sandbox and

really compromise the system. Secondly, there are literally dozens of bugs like this that Microsoft fixes each year.

I think there are probably a few dozen more out there.

This is just one more J-Script vulnerability.

And I hope come June patch Tuesday, Microsoft will release a patch for this.

But talking about vulnerabilities, there's actually what I consider a more severe vulnerability

in Git.

And this is one that has been patched today.

And it could lead to arbitrary code execution if you clone a malicious repository.

The problem here is that on the client side, when you clone a malicious repository. The problem here is that on the client side when you clone a repository, you can define post-checkout scripts.

These scripts run after you check out the repository.

Now, of course, these scripts are not downloaded from the repository.

However, due to this vulnerability that does affect submodule repositories, it is possible

for an attacker to set up a malicious repository that will then lead to script execution

using these post checkout hooks.

Interesting vulnerability and something that you should definitely patch.

In particular, if you clone repositories that you don't necessarily control.

...