Microsoft SAFER Bypass

Hi @ll, Microsoft introduced SAFER alias Software Restriction Policies SRP with Windows XP about 20 years ago. See for the API, plus the TechNet articles "How Software Restriction Policies Work" and "Using Software Restriction Policies to Protect Against Unauthorized Software" for the use case...

Microsoft SAFER Bypass Vulnerability

Hi @ll, Microsoft introduced SAFER alias Software Restriction Policies SRP with Windows XP about 20 years ago. See for the API, plus the TechNet articles "How Software Restriction Policies Work" and "Using Software Restriction Policies to Protect Against Unauthorized Software" for the use case...

Citrix App Layering: How to Customize Windows 7 Visual Performance in a Layer.

There are no dedicated GPO to control that feature of customizing the performance of Visual Effects for the Windows Explorer in Windows 7. In order to get the customizations pushed out to all the desktops in the environment you need to create a registry script that will make these changes for you...

PowerPoint畸形文件解析代码执行漏洞

BUGTRAQ ID: 34351 CVECAN ID: CVE-2009-0556 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint在解析特制的PPT文件时可能会导致访问内存中的无效对象，这可能允许攻击者执行任意代码。目前这个漏洞正在被名为Exploit:Win32/Apptom.gen的病毒积极的理由。 Microsoft PowerPoint 2004 for Mac Microsoft PowerPoint 2003 SP3 Microsoft PowerPoint 2002 SP3 Microsoft PowerPoint...

Microsoft Excel富文本值堆溢出漏洞（MS08-014）

BUGTRAQ ID: 28168 CVECAN ID: CVE-2008-0116 Excel是微软Office办公软件家族中的电子表格工具。 Excel在解析BIFF文件格式时存在堆溢出漏洞，成功利用这个漏洞的攻击者可能以当前登录用户的权限执行任意指令。 如果处理了畸形的标签，就可能由用户控制堆分配，在将用户提供的数据拷贝到堆缓冲区时就可以触发这个溢出，覆盖任意内存。 Microsoft Excel Viewer 2003 Microsoft Excel 2003 SP2 Microsoft Excel 2002 SP3 Microsoft Excel 2000 SP3...