Will somebody please report this to developers of Perl and Python and others-who-put-everyone-writable-locations-to-PATH because this is their vulnerability, not Microsoft's. @msftsecurity gets so many of these they have a special document ready for response :)https://twitter.com/zeifan/status/1191554733598658560 …
-
-
Nice script, Will. I get a couple additional PATHs under my local account with (Get-Item -Path Env:Path).Value.Split(";"). E.g. C:\Users\<user>\AppData\Local\Microsoft\WindowsApps is not under the Environment registry key. Is the registry method preferred?
-
I suspect that path isn't in the SYSTEM PATH, given its location. Only ones in the SYSTEM environment variable that are writable by normal users are exploitable.
- 1 more reply
New conversation -
-
-
Cc
@vysecurity there you go!Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.