Adobe Font Manager Library Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability coul...

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft, both unpatched flaws are being used in limited, targeted...

Microsoft Windows Multiple Vulnerabilities (KB4534310)

This host is missing a critical security update according to Microsoft KB4534310 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Iris - WinDbg Extension To Perform Basic Detection Of Common Windows Exploit Mitigations

Iris WinDbg extension performs basic detection of common Windows exploit mitigations 32 and 64 bits. The checks implemented, as can be seen in the screenshot above, are for the loaded modules: DynamicBase ASLR DEP SEH SafeSEH CFG RFG GS AppContainer If you don't know the meaning of some of the...

Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation

Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation Windows: Windows Font Cache Service Insecure Sections EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The...

Microsoft Edge’s vulnerability, related to access control deficiencies, allows attackers to elevate their privileges and escape from the isolated software environment.

The vulnerability of Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and escape from the isolated software environment known as AppContainer...

Privilege escalation

An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka 'Microsoft Edge Elevation of Privilege Vulnerability'...

Microsoft Windows 10 1809 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation

Microsoft Windows 10 1809 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation Windows: CSRSS SxSSrv Cached Manifest EoP Platform: Windows 10 1809, 1709 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary and others Summary: The SxS manifest...

The vulnerability of the Microsoft XmlDocument class in the Windows operating system allows attackers to elevate their privileges and escape from the isolated programming environment of the Edge AppContainer.

The vulnerability of the Microsoft XmlDocument class in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges and gain access to the isolated Edge AppContainer software environment...

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox...

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria:...

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation

Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox Summary: A number of Partial Trust Windows Runtime classes...

Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation

Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation Windows: SSPI Network Authentication Session 0 EoP Platform: Windows 10 1803/1809 not tested earlier versions Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session boundary...

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation Windows: COM Desktop Broker Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox Summar...

Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation

Windows: SSPI Network Authentication Session 0 EoP Platform: Windows 10 1803/1809 not tested earlier versions Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session boundary Summary: Performing an NTLM authentication to the same machine results in a network...

Microsoft XmlDocument Class Privilege Vulnerability

Microsoft Windows 10, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The XmlDocument class is one of the classes used to load XML into the document object model. An elevation vulnerability exists in the Microsoft XmlDocument class that can be exploited by a...

Microsoft Windows Multiple Vulnerabilities (KB4480961)

This host is missing a critical security update according to Microsoft KB4480961 SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-0555

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

CVE-2019-0555

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...

Privilege escalation

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows...