I've confirmed that this works on a fully-patched (latest May updates) Windows 10 (1809 and 1903) system. This exploit allows a normal desktop user to gain full control of a protected file.https://twitter.com/campuscodi/status/1136950963154161664 …
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
I haven't been able to reproduce this exploit on a system that has July's updates from Microsoft. I can't find any official statement about it being patched, but honestly, I can't really navigate the Patch Tuesday pubs since they switched from "MS" to "CVE" IDs. Is it fixed?
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1129 … addressed this vulnerability.
Thanks! I don't see CVE-2019-1129 in what I understand to be a summary of July's updates https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/48293f19-d662-e911-a98e-000d3a33c573 … though. Am I looking at the wrong summary for July's updates? Or is CVE-2019-1129 not in that list for other intentional reasons?
CVE-2019-1130 is credited to "Polar Bear" so I believe this is the one you're looking for. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130 …
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.