With eBPF planning to use PPL to protect the byte code verifier before uploading into the Windows kernel, is PPL a security boundary yet?https://github.com/microsoft/ebpf-for-windows …
still possible bypass Ms signed only dll policy with scriptlets? If so: Find ms signed dll onload exec com class- make into scriptlet restart ppl service time it so when it load a dll you redefine c: resulting in it loading dll that exec clsid now a scriptlet- arb ppl exec thx
-
-
They fixed that a long time ago (1803 maybe?), just block scrobj.dll in CI.DLL :D
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.