This file format isn't super nice via Outlook attachments either... https://twitter.com/enigma0x3/status/1006190624289312768 …pic.twitter.com/tSmODHKekV
-
-
Replying to @enigma0x3
every applications, which uses the standard API and therefore trusts that the mark of the web (eg the zone identifier) is properly evaluated will be vulnerable in one way or another (but most of the time the user has to click open).
3 replies 0 retweets 0 likes
Replying to @insertScript @enigma0x3
Absolutely. For example, with @googlechrome , the user simply has to have a single stray click at the bottom of a web page to achieve arbitrary command execution with no further prompting.pic.twitter.com/vhKUNzwZ8K
6:20 AM - 12 Jun 2018
0 replies
0 retweets
7 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.