Here's a repository of all the code and tools I developed to explore this attack surface. https://github.com/taviso/ctftool
-
I saw some websites claim that, but I think it's a mistake, it doesn't really seem right. My theory is it's just CTextFramework, but that's just a guess!
-
I see why it pops up on http://Microsoft.com. It is/was an Azure service: https://docs.microsoft.com/en-us/azure/cognitive-services/translator/ctf-reporting …
-
This is cool, nice find. Do MS plan to patch this one, e.g. the local user to SYSTEM issue?
-
Thanks! Yes, although it remains to be seen how thoroughly, it was quite a journey
https://bugs.chromium.org/p/project-zero/issues/detail?id=1859 …
-
I like the quote: Sometimes, hacking is just someone spending more time on something than anyone else might reasonably expect
-
Hah, I stole it from @jgamblin
-
They don't really have anything in common, this bug doesn't have anything to do with messages. If you're interested in that though, I did find a problem a few years ago with broadcast messages, http://blog.cmpxchg8b.com/2013/02/a-few-years-ago-while-working-on.html …
-
Did they miss the deadline again or did a partial/complete patch?
-
They literally left it until the last second, so I haven't been able to review the patches yet. It's my understanding that the patch won't be complete, but will fix the most important vectors. I haven't seen the patch yet, so I'm not certain.
-
research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.