Diving into a Silverlight Exploit and Shellcode – Analysis and Techniques

by Omri Herscovici & Liran Englender

From our company’s blog (Check Point Software Technologies):

In recent years, exploit-kits have become one of the most common platforms for malware distribution. 

One of the exploits coming from Infinity exploit-kit exploits a security vulnerability in Microsoft Silverlight.

Compared to other technologies like Java, PDF, Flash, etc. – Silverlight exploits are less common. Just to get a rough feeling, according to cvedetails.com, from 2010 to 2014, 15 vulnerabilities were reported for Microsoft Silverlight , while Adobe Acrobat Reader had 268 vulnerabilities, Adobe Flash Player had 321 vulnerabilities; Microsoft Internet Explorer had 392 vulnerabilities and Java with at least 358 vulnerabilities. However, Microsoft Silverlight exploits, specifically CVE-2013-0074, are still delivered in active and well known exploit kits.

The blog post, including analysis PDF is availble here:


Analysis PDF:

Infinity EK Payload Decrypter Script:


Leave a Reply