My bugs fixed by MS in the last Patch Tuesday (Windows Registry, GDI, GDI+, Uniscribe, ICM) are now unrestricted: https://bugs.chromium.org/p/project-zero/issues/list?can=1&q=finder%3Amjurczyk+fixed%3A2017-mar-14 …
Replying to @j00ru
So, these are the results of in-memory fuzzing with a custom app. Most of them can only be triggered via a custom app, at least the corruption ones.
Replying to @hosselot
The test harness is representative of what could be triggered in a real target.
All of the crashes occur within the common DrawText() API with controlled text and malformed font, which is a realistic scenario.
... or rather "nearly all", since there was also one bug in ScriptGetFontAlternateGlyphs. :)
7:33 AM - 20 Mar 2017