The Internet: Bad Write in TTF font parsing (win32k.sys)

ID H1:48100
Type hackerone
Reporter dirtybit
Modified 2015-03-01T08:29:00


This bug was originally reported through Project Zero at Google. Alex Rice suggested to me that I could potentially receive a bounty through Hacker One so I am also opening a report here.

The vulnerability reference numbers are MS15-010 CVE-2015-0059

The original bug report is

Microsoft released a patch on 2/10/15

Repros, loader, and minidumps are attached