Why no vulns on 2018? something changed in Windows? All hanging fruits were picked? other?
-
-
-
Yep, after N iterations of fuzzing and reporting the bugs to the vendor, we finally stopped seeing any more crashes. A related, important change is the fact that Win 10 handles fonts in sandboxed ring 3 (instead of ring 0), which diminishes the value of such issues
-
It is still useful if someone adds support to Graphite tables Silf, Glat, Gloc, Feat, Sil. eg: my font fuzzer used fonttools with a custom mutator in libFuzzer that was quite useful in Mozilla Firefox.
-
Indeed, I'm not playing with fonts anymore but I'm hoping the code can be useful to others to build a more effective fuzzer or use it to test software other than Windows
-
Same here :), thanks for sharing
End of conversation
New conversation -
-
-
Windows 10 does not handle fonts in the kernel, does it? Is the font handling still privileged and cussing worthy?
- 1 more reply
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
fun thx!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Why now?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.