Design/Logic Flaw

gdi32.dll in Graphics Device Interface GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap...

A Shadow of our Former Self

Posted by James Forshaw of Google Project Zero “Necessity is the Mother of Invention” as it’s said, and this is no more true than when looking for and exploiting security vulnerabilities. When new exploit mitigations are introduced, either a way of bypassing the mitigation is needed or an...

CVE-2016-3219

creationtimestamp| type| source ---|---|--- 2016-06-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39993...

CVE-2016-3219

The kernel-mode driver in Microsoft Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."...

CVE-2016-3219

CVE-2016-3219 affects Windows 10 (Gold/1511) kernel-mode Win32k; root cause is a privilege-escalation path via IO Manager/file creation with INPC and IFAC, combined with object-manager shadow directories. Project Zero analysis details an IO flow where INPC disables MemAC/SecAC and OFAC handling g...

MS16-074: Security Update for Microsoft Graphics Component (3164036)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Graphics Component due to a failure to properly handle objects in memory. A local attacker can exploit this to disclose...

Microsoft Windows Win32k Elevation of Privilege (MS16-074: CVE-2016-3219)

An elevation of privilege vulnerability exists in Microsoft Windows Win32k. A remote attacker can bypass the ProcessFontDisablePolicy check in win32k to load a custom font from an arbitrary file on disk. A successful exploitation could allow an attacker to run arbitrary code with elevated...