Google Discloses Unpatched Microsoft Vulnerability

Google’s security researchers disclosed details of an unpatched Microsoft vulnerability in Windows’ GDI library that allows attackers to steal sensitive data from program memory. The flaw was first addressed by Microsoft last June, but Google said the patch was incomplete. As part of its 90-day...

Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Read

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple records which deal with DIBs Device Independent Bitmaps. Examples of such...

Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds Reads/Memory Disclosure (MS16-074)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple records which deal with DIBs Device Independent Bitmaps. Examples of such records are EMRALPHABLEND, EMRBITBLT, EMRMASKBLT,...

Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds ReadsMemory Disclosure (MS16-074)

Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds ReadsMemory Disclosure MS16-074 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple...