DrvEye

drivertool A static-analysis & exploitation-triage toolkit...

SUSE-SU-2024:1368-1 Security update for shim

This update for shim fixes the following issues: - Update shim-install to set the TPM2 SRK algorithm bsc1213945 - Limit the requirement of fde-tpm-helper-macros to the distro with suseversion 1600 and above bsc1219460 Update to version 15.8: Security issues fixed: - mok: fix LogError invocation...

shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

The vulnerability of the WinVerifyTrust function in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the WinVerifyTrust function in the Windows operating system is related to improper validation of PE files during the verification of Authenticode signatures. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created signed PE...

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

Threat actors are exploiting Microsoft’s digital signature verification to steal user credentials and other sensitive information by delivering the ZLoader malware, which previously has been used to distribute Ryuk and Conti ransomware, researchers have found. Researchers at Check Point Research...

VulnCheck KEV: CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows WinVerifyTrust does not properly validate the digest of a signed portable executable PE file, which allows user-assisted remote attackers to execute code...

PT-2012-1231 · Microsoft · Windows Xp +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview Description: The Authenticode Signature Verification functi...

Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution (981210)

Microsoft Security Bulletin MS10-019 - Critical Vulnerabilities in Windows Could Allow Remote Code Execution 981210 Published: April 13, 2010 | Updated: April 14, 2010 Version: 1.1 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Window...

MS03-041: Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)

The remote host contains a version of the Authenticode Verification module that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. An attacker may also be able to exploit the vulnerability by sendin...