MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
windows
Search

Serial publisher of Windows 0-days drops exploits for 2 more unfixed flaws

Thursday May 23, 2019. 02:41 AM , from Ars Technica
Enlarge (credit: SandboxEscaper)
Update: One of the two exploits published on Wednesday has now been confirmed to exploit a Windows vulnerability that Microsoft patched in this month's Update Tuesday release cycle. The flaw involving the Windows Error Reporting service was previously described as CVE-2019-0863, Gal De Leon, the researcher Microsoft credited with discovering the vulnerability, said on Twitter. Researchers with 'micropatching' service 0patch have confirmed that the other exploit published on Wednesday, an IE 11 sandbox bypass, does indeed work on a fully patched Windows 10 system.
The headline of this post has been changed to reflect this new information. What follows is the story as it appeared earlier, with the exception of the last paragraph, which has also been changed to reflect the new information.
A serial publisher of Microsoft zeroday vulnerabilities has dropped exploit code for three more unpatched flaws, marking the seventh time the unknown person has done so in the past year.
Read 7 remaining paragraphs | Comments
https://arstechnica.com/?p=1509701
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Mar, Fri 29 - 09:26 CET