Tech Editorials #Vulnerability #Windows #Advisory #CVE

From Convenience to Contagion: The Half-Day Threat and Libarchive Vulnerabilities Lurking in Windows 11

terrynini

2025-02-12

Windows 11's KB5031455 update adds RAR and 7z support via libarchive, but DEVCORE discovered multiple vulnerabilities, including Heap Buffer Overflow and arbitrary file operations. Delayed patching also enables “Half-day” attacks, putting projects like ClickHouse at risk. A step forward in convenience—or a hidden security threat?

Tech Editorials #CVE #Vulnerability #WorstFit #RCE #Windows

WorstFit: Unveiling Hidden Transformers in Windows ANSI!

orange

2025-01-09

The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and even RCE, affecting numerous well-known applications!

Tech Editorials #CVE #Vulnerability #Windows #Kernel #Advisory

Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part II

angelboy

2024-10-05

This research continues to explore the attack surface of Kernel Streaming, delving into newly discovered vulnerabilities within another feature of Kernel Streaming and demonstrating how to leverage this bug class to successfully attack Windows 11. This topic was also presented at HEXACON 2024.

Tech Editorials #CVE #Vulnerability #Windows #Kernel #Advisory

Streaming vulnerabilities from Windows Kernel - Proxying to Kernel - Part I

angelboy

2024-08-23

This research will discuss an overlooked attack surface that allowed us to find more than ten vulnerabilities within two months. Additionally, we will delve into a proxy-based logical vulnerability type that allows us to bypass most validations, enabling us to successfully exploit Windows 11 in Pwn2Own Vancouver 2024.

Tech Editorials #CVE #Vulnerability #RCE #Advisory #Apache

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

orange

2024-08-09

This article explores architectural issues within the Apache HTTP Server, highlighting several technical debts within Httpd, including 3 types of Confusion Attacks, 9 new vulnerabilities, 20 exploitation techniques, and over 30 case studies. The content includes, but is not limited to: 1. How a single ? can bypass Httpd's built-in access control and authentication. 2. How unsafe RewriteRules can escape the Web Root and access the entire filesystem. 3. How to leverage a piece of code from 1996 to transform an XSS into RCE.

News #Announcement #Research #Windows #MSRC #Achievements

MSRC 2024 Most Valuable Security Researchers - Angelboy

2024-08-08

Congratulations to DEVCORE Senior Security Researcher Angelboy for being honored as one of Microsoft's MSRC 2024 Most Valuable Security Researchers! In addition to being ranked #33 in the overall TOP 100 list, Angelboy achieved a #9 ranking in the Windows category, reflecting his years of dedicated research in this field.