Today is day 91, so the issue is now public. I consider this relatively low severity, but you could take down an entire Windows fleet relatively easily, so it's worth being aware of. https://bugs.chromium.org/p/project-zero/issues/detail?id=1804 …
-
-
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
We found a DoS when processing certificates in Windows back in 2013. https://business.blogthinkbig.com/how-to-cause-dos-in-windows-8_30/ …. Pretty dumb but... maybe related?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@taviso you mentioned that AV and many others use this and it causes a deadlock. In your opinion could a malicious actor use it to kill or suspend endpoint protection as part of a Payload? I'm concerned that many epp/av vendors may be dependent and severity is higher for them?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Wondering if other implementations have the same infinite loop issue
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Actually, it’s almost certain you do use products created by both companies, though you may not know it. Hosting or database storage or other things. This guy’s 15 minutes of fame could put a lot of folks at risk. If it happens how would he not be liable?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Is there somehow implied this may lead to a crypto downgrade condition ?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Hi, is there already a CVE registered for this? Thanks
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The hypocrisy.
@google creates a massively vulnerable, fragmented Android ecosystem, does essentially nothing to fix it, and then let's its researchers like you shame other companies who asked for 1 more measly month to fix something. Gotta love it.#irresponsible#arrogant -
Feel free to report security issues to Google with responsible disclosure. I'm sure they'd love the extra pair of eyes.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.