8 votes

Down the Rabbit Hole: Reverse-engineering the Windows Text Services Framework and discovering major vulnerabilities that have existed for almost 20 years

2 comments

  1. Deimos
    This is a great write-up that I found quite easy to follow, even though I don't know much at all about all of the systems involved. Absolutely insane discovery, it seems to allow compromising pretty much any Windows system that you have the ability to run programs on.

    As described in the post, here's a video that the author made showing it exploiting the lock screen to open a command prompt with Administrator access: https://www.youtube.com/watch?v=r3vrzzDpmhc

    6 votes
  2. dblohm7
    I am amazed that this was allowed to fester for so long. I mean, to get this to work on Vista, Windows developers had to explicitly and deliberately punch a hole in UIPI!

    After the big security push for Windows XP SP2, Microsoft's hyped SDL clearly was not effective in preventing this.

    3 votes