Haifei Li

@HaifeiLi

For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.

Vancouver, Canada
Vrijeme pridruživanja: travanj 2010.

Tweetovi

Blokirali ste korisnika/cu @HaifeiLi

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @HaifeiLi

  1. Prikvačeni tweet
    5. ruj 2017.

    Blog post: Re-enjoying the ActiveX (and others) Fun in Chinese Customized Browsers .

    Prikaži ovu nit
    Poništi
  2. 2. ruj 2019.
    Prikaži ovu nit
    Poništi
  3. 2. ruj 2019.

    @ Leavenworth, WA. The road trip was beautiful.

    Prikaži ovu nit
    Poništi
  4. 28. kol 2019.

    Thanks everyone! Wow, I was truly impressed by the TTD feature on Windbg Preview, seems easy to perform taint analysis, as well as many others. Definitely top 1 of my learning list.

    Poništi
  5. 26. kol 2019.

    Dear Twitter, I’m wondering if there’s a dynamic taint analysis tool for “process-wide” (not OS-wide) data tracking? Like a plugin for Windbg? It outputs all the instructions that touches/copies my data.

    Poništi
  6. 26. kol 2019.

    I think it's a good thing to have a closer look of the Flash attack vectors on various popular apps, so this is the work of "Killing Flash, Killing It Everywhere - A Comprehensive Analysis of the Flash Attack Vector", also presented last wk @ KCON conf.

    Poništi
  7. 21. kol 2019.
    Poništi
  8. proslijedio/la je Tweet
    16. kol 2019.
    Odgovor korisniku/ci

    Thanks for the mention, I wasn't aware of that. Without the Safe Reading Mode it is RCE by default :/

    Poništi
  9. 15. kol 2019.

    I’m wondering if there’s real Foxit Reader user in my Twitter followers & affected by this? Love to hear back if your Safe Reading Mode found disabled.

    Poništi
  10. 15. kol 2019.

    Now let's give some credit to the vendor Foxit, they responded quickly and fixed the issue. Users who update now should receive the correct upgrade package.

    Prikaži ovu nit
    Poništi
  11. 15. kol 2019.

    Therefore, I recommend all Foxit Reader users check the Safe Reading Mode setting manually, if it’s disabled, you need to fix it asap (I suggest uninstall Foxit Reader first, then download the latest version from official site, then double check it manually).

    Prikaži ovu nit
    Poništi
  12. 15. kol 2019.

    It means that all Foxit Reader users who updated the software in that period are impacted, also note that Foxit Reader receives updates automatically, so fair to guess most Foxit Reader users are probably vulnerable at this point (if they ever updated in the period).

    Prikaži ovu nit
    Poništi
  13. 15. kol 2019.

    How long has it lasted? Well I'm not quite sure, but I 1st encountered the issue in April this year when working on a paper, at that time the latest Foxit Reader version was 9.5, now it's 9.6.. So, at least it lasted 4 months, fair to guess it could have lasted longer.

    Prikaži ovu nit
    Poništi
  14. 15. kol 2019.

    A brief investigation by me showed that the bug is due to that Foxit pushed the incorrect upgrade package (.fzip) on their cdn server. When the incorrect package is installed, it disables the Safe Reading Mode.

    Prikaži ovu nit
    Poništi
  15. 15. kol 2019.

    Simple words, it's very easy to get hacked (by opening malicious PDF file) if the Safe Reading Mode is disabled.

    Prikaži ovu nit
    Poništi
  16. 15. kol 2019.

    Also, if it's disabled, embedded Flash exploit (in a PDF) will run automatically! We will talk more about the Flash attack vector at KCON security conf later this month in Beijing, you're welcome to attend .

    Prikaži ovu nit
    Poništi
  17. 15. kol 2019.

    What does it mean if the "Safe Reading Mode" is disabled on Foxit Reader? Lots of bad things could happen.. A blog post from well explained it .

    Prikaži ovu nit
    Poništi
  18. 15. kol 2019.

    [THREAD] Yup! Foxit Reader just fixed a very weird & critical bug I encountered, simply put: the security option "Safe Reading Mode" is disabled when user updates their Foxit Reader (via the default updating process).

    Prikaži ovu nit
    Poništi
  19. 13. kol 2019.

    Long time no actual bug reporting to but I just ran into the situation “we determined.. not fix.. thank you” like old time again.. No single word of why? Can’t we have a little transparency? It’s not cool to ppl who spent lot time researching & reporting to you.

    Poništi
  20. proslijedio/la je Tweet
    9. kol 2019.
    Poništi
  21. 8. kol 2019.

    Kudos to MS as now they could talk about things like this, however the thing still puzzling me is that how and how could Outlook/Exchange bugs are not in scope of your many bounty programs??

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·