There’s a big difference between Microsoft’s statements about CVE-2017-11882 (Office exploit) vs the reporters. The reporters claim they have an exploit, Microsoft say no exploit. MS only say Important, reporters say no prompt RCE.
-
-
that screenshot is Windows Server 2016, it doesn't stop it
-
I suspect you didn't have system-wide ASLR properly enabled.
- 7 more replies
New conversation -
-
-
Haha I think Will knows

End of conversation
New conversation -
-
If I apply full EMET to the equation editor, does that help?
-
Sure, that's a more precise mitigation, and will block the exploit. It'll have less potential for collateral damage, but will also do nothing to protect against non-eqnedt32.exe exploits. Consider system-wide mandatory ASLR in the long run, in preparation for the next vul like it
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.