Thank you @_larry0! Anyone else have their #myfavoritevuln?
#VulnLife #StickerLife #InfoSechttps://twitter.com/_larry0/status/1189707301923504128 …
-
-
Windows WMF SetAbortProc bug https://www.kb.cert.org/vuls/id/181038/ Steve Gibson asserted that this was an intentional backdoor. https://www.grc.com/sn/SN-022.htm Windows automatically executes code pointed to by LNK file https://www.kb.cert.org/vuls/id/940193/ This allowed for Stuxnet to exist.
-
IE doesn't honor the killbit https://www.kb.cert.org/vuls/id/998297/ By putting curly braces {} around the CLSID for an ActiveX control in HTML, IE will ignore whether a killbit has been set for the control. So any attacker can run any disabled/vulnerable ActiveX. I found this one by accident.
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.