PT-2024-11633 · Microsoft · Windows 11 +1

Name of the Vulnerable Software and Affected Versions: Windows 11 version 10.0.22000.593 Windows Server 2022 version 10.0.20348.643 Description: An access violation issue exists in the DirectComposition functionality of the win32kbase.sys driver. A specially-crafted set of syscalls can lead to a...

October 8, 2024—KB5044281 (OS Build 20348.2762)

October 8, 2024—KB5044281 OS Build 20348.2762 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...

Snapshot fuzzing direct composition with WTF

Cisco Talos has developed a custom fuzzer using the popular snapshot fuzzer "WTF" which targets Direct Composition in Windows. Talos vulnerability research team used Protocol Buffers developed by Google to serialize and deserialize test cases. The Bochscpu backend of WTF was patched and other...