Ben Hawkes Retweeted R3dF09
Bugs like this are very important. Win32k isn't accessible in the Chrome renderer process on Win 10, but NTOSKRNL is. Kernel bugs for Chrome sandbox escapes are nice, because the kernel is a slower moving target than browser Mojo IPC interfaces, so lower maintenance/churn costs. https://twitter.com/R3dF09/status/1237610378432897025
Ben Hawkes added,
R3dF09 @R3dF09
@G0odFish and I found a beautiful OOB write bug (CVE-2020-0834) in Windows NTOSKRNL. It could be used in the Edge and even the Chrome sandbox to gain SYSTEM privilege.
@ExpSky and @Ox9A82 did an impressive job of exploiting the bug at #TianfuCup.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0834
11:25 AM - 11 Mar 2020
0 replies
27 retweets
86 likes