I noticed a bug in SymCrypt, the core library that handles all crypto on Windows. It's a DoS, but this means basically anything that does crypto in Windows can be deadlocked (s/mime, authenticode, ipsec, iis, everything). Microsoft committed to fixing it in 90 days, then didn't.
-
-
if you or anybody does any further analysis on the bug, I'd love to see it. There's a good chance that other implementations have the same or similar bug.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Would love to “sign” some executables with the Microsoft certificates, hehe
-
I would check whether this is specific to certain implementations. Like, does it only occur on 64-bit, when mulx instruction is available, etc.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.