Explore >> Select a destination
|
You are here 
|
knight.sc | ||
| | | | |
m417z.com
|
|
| | | | | This is a write-up of a vulnerability that I discovered in Windows. The vulnerability was patched in December's Patch Tuesday, and the CVE assigned to it is CVE-2023-36003. The vulnerability allows a non-elevated process to inject a DLL into an elevated or otherwise inaccessible process, allowing for privilege escalation. The vulnerability is caused by a lack of security checks in the InitializeXamlDiagnosticsEx API, which is used for inspecting applications that use Extensible Application Markup Language (XAML) for their UI. XAML is the recommended way to build user interfaces in new Windows applications, and is used by more and more built-in applications, including Task Manager and Windows Terminal. | |
| | | | |
seclists.org
|
|
| | | | | ||
| | | | |
www.wired.com
|
|
| | | | | Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023. | |
| | | | |
plerion.com
|
|
| | | There are more ways to configure cloud resources than we can count. Find the bad ones with Cloud Security Posture Management (CSPM). | ||
