OSK ATBroker Registry Security Scanner

This program is a defensive Windows security scanner designed to inspect registry locations related to On-Screen Keyboard osk.exe and Accessibility/ATBroker configuration, which are sometimes abused in privilege escalation or persistence attacks...

📄 OSK Privilege Escalation

This PowerShell script acts as a wrapper/launcher for a compiled Windows exploit binary targeting the OSK On-Screen Keyboard privilege escalation vulnerability. ================================================================================================================================== | Tit...

📄 OSK Registry-Based Privilege Escalation / Symlink Attack

The provided code is a conceptual Windows privilege escalation exploit targeting the On-Screen Keyboard osk.exe and Accessibility AT registry infrastructure. It attempts to abuse weak trust boundaries between user-level registry configuration and system-level execution paths...

EUVD-2014-2808

Malware in sbrugna...

EUVD-2008-1363

Malware in sbrugna...

June 27, 2023—KB5027293 (OS Build 19045.3155) Preview

June 27, 2023—KB5027293 OS Build 19045.3155 Preview 3/21/23 REMINDER After March 21, 2023, there are no more optional, non-security preview releases for the supported editions of Windows 10, version 20H2 and Windows 10, version 21H2. Only cumulative monthly security updates known as the "B" or...

Windows on-screen keyboard shows up in a Windows VDA session through iOS/HTML5 Citrix Workspace App

Using Citrix Workspace app for HTML5, or Citrix Workspace app for iOS, on an iPad, to launch a virtual Windows desktop, tap the screen to start inputting/editing in the session, the Windows VDA side on-screen keyboard may show up, instead of the iOS native touch keyboard...

ROS-20220705-01

Caribou on-screen keyboard vulnerability, related to buffer overflow in XkbSetDeviceInfo and SetDeviceIndicators. Exploitation of the vulnerability could allow an attacker, when invoking the functionality of the the on-screen keyboard functionality from the screen keeper, crash libcaribou, crash...

USN-4958-1: Caribou vulnerability

It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...

On-screen keyboard in the endpoint pops up when the published desktop is launched

When the published desktop is launched, the on-screen keyboard from the client machine appears when clicking on the Start menu or when any keyboard input is needed...

eDEX-UI - A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring &Touchscreen Support

eDEX-UI is a fullscreen, cross-platform terminal emulator and system monitor that looks and feels like a sci-fi computer interface. Heavily inspired from the TRON Legacy movie effects especially the Board Room sequence, the eDEX-UI project was originally meant to be "DEX-UI with less « art » and...

CVE-2016-1584 Unity8 converged application lifecycle allows background applications to use on-screen keyboard when not top-most

In all versions of Unity8 a running but not active application on a large-screen device could talk with Maliit and consume keyboard input...

November 13, 2018—KB4467708 (OS Build 17763.134)

November 13, 2018—KB4467708 OS Build 17763.134 Notes: This release also contains updates for Microsoft HoloLens OS Build 17763.134 released November 13, 2018. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that ha...

Touch Screen Keyboard / On Screen Keyboard Minimizes On Every Key Pressed On it.

Touch screen keyboard / On-screen keyboard minimizes on every key pressed on it only on published application. It works fine for published Desktop...

March 13, 2018—KB4088787 (OS Build 14393.2125 and 14393.2126)

March 13, 2018—KB4088787 OS Build 14393.2125 and 14393.2126 Note The release also contains updates for Windows 10 Mobile OS Build 14393.2126 released on March 20, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this...

March 13, 2018—KB4088782 (OS Build 15063.966 and 15063.968)

March 13, 2018—KB4088782 OS Build 15063.966 and 15063.968 Note The release also contains updates for Windows 10 Mobile OS Build 15063.968 released on March 19, 2018. Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this...

MS14-039: Description of the security update for Windows on-screen keyboard for systems that do not have the 2919355 update installed: July 8, 2014

MS14-039: Description of the security update for Windows on-screen keyboard for systems that do not have the 2919355 update installed: July 8, 2014 Introduction This security update a vulnerability in Windows that could allow elevation of privilege if an attacker uses a vulnerability in a...

KLA10601 Multiple vulnerabilities in Microsoft products

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1...

(Pwn2Own) Microsoft On-Screen Keyboard Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

Microsoft Windows On-Screen Keyboard Privilege Escalation Vulnerability (2975685)

This host is missing an important security update according to Microsoft Bulletin MS14-039 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...