Yes, I am saying that. I think this is a real bug, just very poorly explained. The NTLM vector shouldn't even have been mentioned, that just confused everyone.
-
-
This one is really good. Can click anywhere and it triggers, amazing.pic.twitter.com/qxRkdlbTLs
-
- 5 more replies
New conversation -
-
-
Also, these last few examples require you to have malware already waiting on disk for you to execute it, no?
- 2 more replies
New conversation -
-
-
This still requires that you essentially let a phisher into your meeting AND click on the link they send you. Standard warnings apply- if you’re in a public place interacting with people you don’t know and trust, don’t follow their links or instructions.
-
It's not phishing, please don't misuse that term. Requiring interaction lowers the severity of any vulnerability, but we don't expect users to determine if links are trustworthy. It is always a vulnerability if they execute untrusted code.
- 2 more replies
New conversation -
-
-
Is that applicable over a remote SMB share hosting a digitally signed binary? Unlike this one:https://youtu.be/Om1w4DVkkEU
-
I agree that's a bug, but very very low severity because of the very clear prompt.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
You can try to copy this if twitter doesn't mangle it: 
