Primarily, I gave them the advice to make sure that all interfaces (e.g. Named Pipes) are responsible for how content is processed securely. The topic about further securing authenticity checks ...well...I like your article. :-P
-
-
-
II couldn't help myself and took a look. They're now limiting what types they deserialize using a Binder. Their "auth" mechanism is still the same though. They also write into C:\ProgramData with no obvious security config, so probably some sym/hardlink attack surface as well.
- Još 1 odgovor
Novi razgovor -
-
-
I see this a lot and it makes me sad
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.