Dogwalk is off the leash
Micropatching could greatly reduce the security update gap by making it possible to fix vulnerabilities with less risk and hassle before software companies have released their own official patches.
A locally exploited Microsoft vulnerability (CVE-2021-34484) has been unofficially fixed by net heroes 0patch. Again.
Security consultancy Acros Security has released a micropatch for Zerologon on its 0patch platform. The micropatch is particularly important for administrators with Windows Server 2008 R2 in their networks since that version of the operating system reached end-of-support in January and no longer receives official security updates.
Cool thing.
0patch simplifies software patching with powerful byte-sized updates
And finally, there’s 0patch, a product that does patching differently.
Micropatches are good fix-me-ups until you're able to apply the official fix.
0patch developed a micropatch that can temporarily protect systems until they receive the official update
Unlike Microsoft's security fix, 0patch's micropatch does not require rebooting and it targets a very specific audience, allowing administrators to patch systems that either can't be restarted or do not allow for Microsoft security fixes to be installed for various other reasons.
ACROS Security’s 0patch service has released an unofficial patch for OpenOffice to address this vulnerability. The micropatch can be applied to the latest version of OpenOffice for Windows. Micropatches have been released for LibreOffice as well.
Experts at ACROS Security’s 0patch released an unofficial patch for a recently disclosed remote code execution vulnerability in the Apache OpenOffice suite.
0patch rolls out micropatch for OpenOffice users
A micropatch is now available for a zero-day OpenOffice code execution vulnerability which can be triggered via automated macro execution following a mouseover event when viewing a maliciously crafted ODT document.
Adobe released a patch for the flaw yesterday, 12 February 2019, labelling the vulnerability CVE-2019-7089 as a critical data leakage issue. However, security firm Acros Security beat the software vendor to the punch by releasing its own patch on Monday.
The 0patch experts released a micropatch to address an Adobe Reader zero-day that allows malicious PDF docs to call home and send over the victim’s NTLM hash.
One day before Adobe’s monthly security updates, a third-party fix has been released for an Adobe Reader vulnerability revealed several weeks ago.
The 0patch fix temporarily patches a data-stealing exploit in Adobe Reader.
There are other ways to fix possible vulnerabilities, including micro patches from 0patch. The company says it will continue to roll out Windows 7 updates as long as it makes sense from a business perspective.
Three unfixed Microsoft Windows vulnerabilities have been assigned unofficial, temporary micropatches – including a recently-disclosed high-severity remote code-execution flaw.
Researchers from 0patch, a community of experts that aims at addressing software flaws, released unofficial patches for three Windows vulnerabilities that Microsoft has yet to fix.
The 0Patch platform allows micropatches to be quickly distributed, applied, and removed to/from running processes without having to reboot computers or even restart processes.
The makers of 0patch, ACROS Security, have announced a microfix for a newly disclosed Zero-day RCE vulnerability influencing Windows.
Over the last five days, Acros experts have released three micropatches for the three Windows zero-days for which proof-of-concept (PoC) exploit code has been posted online, opening the window for possible real-world attacks against Windows users.
ACROS Security’s 0patch service has released unofficial patches for three Windows vulnerabilities that Microsoft has yet to address, including denial-of-service (DoS), file read, and code execution issues.
Kolsek says that the 0patch fixes are meant to be temporary, until the official patch gets out. However, since Microsoft announced that it would not repair the issue, it looks like the micropatch could turn into a permanent solution for those that want to keep their systems protected against this vulnerability.
ACROS Security has been busy lately with creating micropatches for Windows zero-day vulnerabilities. In the last week, they published micropatches for the “AngryPolarBearBug” and “readfile” zero-days disclosed by the security researcher who goes online by the moniker “SandboxEscaper”.
Micropatching can be useful in multiple situations.
Kolsek's company has previously released many similar temporary fixes for zero-days that Microsoft didn't fix in time, or did not patch correctly in its first attempts. But usually, the 0patch app has been used to deliver micropatches for Windows versions that have reached End-Of-Life (EOL) and are not receiving official updates from Microsoft anymore.
While Microsoft has not yet commented on the bug, 0Patch’s micropatch for the flaw “successfully blocks the exploit by adding impersonation to the DeleteFileW call… the Delete operation now gets an “ACCESS DENIED” due to impersonation.”
0patch's microscopic 18 bytes micropatch corrects Microsoft's partial solution for the vulnerable msrd3x40.dll binary which would expose previously micro patched systems to attacks targeting the CVE-2018-8423 vulnerability.
Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete.
Until Microsoft's update, users could benefit from the protection of a micropatch - a temporary correction applied while the software is running - that became available from Acros Security 24 hours after the bug disclosure.
0patch released the micro-patch for Windows 7 just 7 hours after ZDI shared the PoC for the Windows Microsoft JET Database Engine zero-day.
ACROS Security, the company behind the free 0patch micropatch distribution platform, released their microscopic 21 bytes patch for the vulnerable msrd3x40.dll binary the day after ZDI published their Proof Of Concept exploit.
ACROS Security seems to have beaten Microsoft to the punch, however. ACROS identified a couple of instances where Microsoft’s code made impersonation calls in the wrong order during some permission-setting functions and by remedying those issues, the proof of concept code no longer worked.
While Microsoft is still working on fixing a recently disclosed privilege escalation vulnerability in Windows, security firm ACROS Security has stepped in to provide a temporary patch for the flaw.
Acros has also released the code it used so that administrators reluctant to get the micropatch can write their own code fix while waiting for Microsoft. This is one of those times when administrators don't have to wait for an official patch to defend themselves from potential attacks.
I was surprised to discover that 0patch, a well regarded patching platform from ACROS Security, now has a free patch available that plugs the 0day hole by simply, well, plugging the 0day hole. What a novel idea. Microsoft should do that… he says, tongue planted firmly in cheek.
ACROS Security, an infosec biz based in Slovenia, has bandaged and revived the dumped app with a binary-level fix of its own using its 0patch tool. Essentially, you need to restore the removed files and register Equation Editor as a local COM server, apply the ACROS fix, and you've got a working, patched math editor again in Office.
Another example of guerrilla patching is 0patch, a project from Slovenian consulting firm Acros Security. This approach uses what the firm calls “micro-patching”, in which the binary isn’t modified at all. Instead, the patches are in-memory changes, typically shorter than a tweet, that block malware trying to exploit a particular vulnerability.
However, the 0patch team thinks users shouldn’t have to wait so long to get patch fixes. The team is dedicated to stopping zero-day vulnerabilities as quickly as possible.