j00ru//vx

@j00ru

Windows hacker & vulnerability researcher. Google Project Zero.

Poland
Vrijeme pridruživanja: travanj 2010.

Medijski sadržaj

  1. 11. ruj 2019.

    Just derestricted two Microsoft DirectWrite font bugs fixed yesterday, found with the harness I published recently. One shiny mem. disclosure only affected Edge, as Chrome and Firefox were protected by OTS, which doesn't allow EBDT/EBLC tables. Yay for attack surface reduction👏

  2. 7. kol 2019.

    I'm very happy to be ranked #9 on this year's researcher list at , which makes it the fifth year in top 10. Hats off to everyone else on the list! 😀

  3. 6. svi 2019.

    I also took the chance to analyze all kernels starting with Windows NT4, and created a chart showing the progression of the syscall table sizes between 1996-2019 in visual form. Actually seeing the bigger picture of a ~2.5x growth is quite fascinating/scary.

    Prikaži ovu nit
  4. 16. tra 2018.

    As promised last week, the details of the .PDB heap memory disclosure in Visual Studio (CVE-2018-1037) are now available at . Infoleaks are a really special breed of bugs, be it in kernel or user-mode 🐛

    Prikaži ovu nit
  5. 20. ožu 2018.

    The write-ups of 12 further x64-specific Windows kernel infoleaks fixed last week are now online: . I'll discuss their discovery in my upcoming talk in April :)

  6. 20. pro 2017.

    I've just derestricted a new unpatched Windows 7-10 kernel pool pointer leak: . It's an interesting instance of a "double-write" race condition during user/kernel interactions.

  7. 21. stu 2017.

    The video from my Black Hat USA 2017 talk on Bochspwn Reloaded (kernel memory disclosure detection project) is now on YouTube:

  8. 19. lis 2017.

    The syscall tables on my blog were just updated with Windows 10 Fall Creators Update. The velocity of win32k changes is getting out of hand

  9. 26. srp 2017.

    I'm happy and honored to be listed #1 on this year's researcher list. :) Congratulations to everyone who made it there.

  10. 25. svi 2017.

    If you like kernel security or the Bochspwn project, feel invited to my Bochspwn Reloaded talk at and this summer.

  11. 3. kol 2016.

    Seems like I made it to both top 3 and 57 on this year's MSRC researcher list at . :)

  12. 24. ožu 2015.
    Odgovor korisniku/ci

    thanks! :) here's a larger piece of the final ranking if you're interested.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·