I'm publishing some
research today, a major design flaw in Windows that's existed for almost *two decades*. I wrote a blog post on the story of the discovery all the way through to exploitation.
https://googleprojectzero.blogspot.com/2019/08/down-rabbit-hole.html …
-
-
What's interesting is that Windows Defender AV detects the pre-compiled binary files in the github release however the EXACT SAME CODE that I compiled myself as instructed (VS2019+GNU make) gets past just fine. Or maybe that sort of thing with AV shouldn't actually be surprising?pic.twitter.com/bOvWIGFhhN
-
Even building the exact same source code twice in succession on the same machine provides distinct binaries with many differences (in meta data, not executable code). If detection is done based on file hash it will fail.
- 4 more replies
New conversation -
-
-
So.. there 's a 'CTF' protocol... with 'flags' in it.. Really.. XD
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I suppose this is a design flaw, not a bug that a CVE can be assigned to. Have they responded? I don't see anything on the blogs.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Awesome post, I enjoyed reading it
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
uhhhhh uhhhhhhhhhh this is some terrifying stuff. also, are you actually a wizard?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@CTF it is all your fault! LolThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Du lourd !
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
obviously CTF means "Capture The Flag"
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.