Micropatches for Windows Installer Elevation of Privilege Vulnerability (CVE-2024-38014)
https://blog.0patch.com/2024/10/micropatches-for-windows-installer.html
Google Chrome security advisory: Stable Channel Update for Desktop
New version 129.0.6668.89/.90 for Windows, Mac and 129.0.6668.89 for Linux includes 4 security fixes, 3 externally reported:
No mention of exploitation.
🚀 Taking a quick dive into Ghidra 11.2’s stack-based string handling! 🛠️
Check out the improvements from version 11.1.2 to the new release. Stack strings have been a long time coming, but Ghidra is ever improving! 👏 #Ghidra #ReverseEngineering #everydayghidra
It’s troubling to see intrusion responses struggle due to lack of logging and visibility. Build a robust logging strategy and practice hunts to truly understand what you're monitoring and what you can trust. Incident time is a painful moment for discovery learning.
We're both close to half a mil total downloads and to finalizing Issue #5 (if you want to get your article in, you have literally a few more days left to submit! There's still time, but not a lot)
Today, I'm feeling generous and giving away 2 free tickets for #r2con2024. What do you have to do?
You have to reply to this tweet saying what you like most about #radare and what you use it for. The most original comment will be the winner! @radareorg @pancake https://rada.re/con/2024/
"After decades of searching for photo-realism and performance, the soon to be over myth of perpetual growth is leaving the stage to more computationally minimal aesthetics and dispositives to refocus on the power of concept, interaction, stories and subjectivity in a scarce real-world."
From the European Permacomputing Gamejam Site:
https://itch.io/jam/europermajam
Another cool blog post by @sploutchy (Compass Security)
"COM Cross-Session Activation"
Quick read, and straight to the point. This article provides a real-life example (Google Updater service here) showing one way to exploit a COM class for local privilege escalation on Windows. 👌
👉 https://blog.compass-security.com/2024/10/com-cross-session-activation/
Now this is interesting: Windows 11 24H2 allows you to connect to an SMB server with an arbitrary TCP port. Could come in handy ;-)
https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-alternative-ports-now-supported-in-windows-insider/ba-p/3974509
This was a fun podcast with @aionescu discussing all things kernel: https://podcasts.apple.com/us/podcast/adversary-universe-podcast/id1694819239?i=1000671431945
I love this part also. The #CSAM regulation proposal is full of how it is all great for privacy, and then it hits you with this. Apparently this is scanning of all OUR photos, not of theirs: https://www.patrick-breyer.de/wp-content/uploads/2024/10/2024-10-01-conseil-hu-csam-proposition-approche-generale-24-septembre.pdf
The second article in our new series on #Windows #kernel #driver #vulnerability research and #exploitation is out!
Exploiting #AMD atdcm64a.sys arbitrary pointer dereference - Part 2:
https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-2/
This time, @ale98 covers how to craft PoCs for the arbitrary MSR read and arbitrary pointer dereference vulnerabilities described in his previous article, with step-by-step advice for debugging with #IDAPro.
Enjoy... and stay tuned for the third and last article next week.
My TamaGo talk at the recent @osfc_io is now online. If you are interested, check it out!
https://www.osfc.io/2024/talks/tamago-bare-metal-go-for-arm-risc-v-socs/